On Tue 28/May/2024 21:08:26 +0200 Hector Santos wrote:
On May 25, 2024, at 12:49 PM, John R Levine <jo...@taugh.com> wrote:
On Fri, 24 May 2024, Jon Callas wrote:

1) It appears that the issue with l= is that implementers are not doing it correctly, ...

If there ever was a correct way to use l=, there sure isn't now.  But per your next message we seem to agree on the outcome.

Yet, as shown, there are many implementations that support it for usage (outbound) and ignoring (inbound) per the consensus.   I did agree with the option and left it as option for sysops to enable/disable.   But I agree it was not an answer to restoring original verification and can be a loop hole.


I did try and use it. You have to be careful to put the subject tag on new messages or write /Re:/ in the right place. You must not sign MIME-Version: and other fields that the MLM writes anew (yes, also Content-Type:). Oh, and never send multipart (HTML) messages. With such limitations, l= does sometimes deliver enough robustness for a signature to survive through a MLM. Unless the MLM transforms the whole stuff to base64, that is.


Best
Ale
--



_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org

Reply via email to