On Sat 25/May/2024 19:02:04 +0200 Dave Crocker wrote:
1) It appears that the issue with l= is that implementers are not doing
it correctly, and that there's even lazy-unto-hostile use of it. If this
is the case, that implementers are not doing the spec properly, I don't
see that changing the spec is going to fix the issue, that of
implementers not doing the spec.
There is a basic reality that this situation demonstrates and that we should
learn from: interoperability at scale is difficult to achieve and maintain.
And when something is fragile like this, we should be careful about expecting
actions that mess with it to work reliably, at scale.
So, for example, the pleasant idea of being able to reverse manipulations done
by mailing lists ought to give everyone very considerable pause. We haven't
done well with the first manipulation, so why should a second one do well?
If it doesn't, we can try with a third one. Something ought to work.
My verifier, in particular, works every time on my messages. It doesn't mean
it doesn't work at scale. It means every body can add enough robustness to
their signatures for them to pass through MLM by undoing transformations.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
