It appears that Richard Clayton <[email protected]> said:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>In message <[email protected]>, Dave
>Crocker <[email protected]> writes
>
>>I've drafted a specification intended to provide a DKIM-based means of
>>controlling DKIM Replay, based on community discussions of what is needed.
>
>I think you may have overlooked some aspects of what is needed to make a
>difference to the current situation.
>
>Your design records and signs the RCPT TO of the original email and
>insists that there is only one recipient per email -- so far so good.

Except that as Dave notes there's no way within existing DKIM to verify that the envelope addresses in the headers match the actual envelope addresses, nor to require that the signing domain match the sender address, nor that the signatures form a linked chain, as described in Bron's draft.

If we went down this road there's no way other than heuristics to tell whether a particular signature or chain of signatures is supposed to be old DKIM or new DKIM, nor what it means for an old DKIM verifier to handle the parts it recognizes in a new DKIM signature.

I am sure I am not the only one here who remembers when spammers added fake Received headers to confuse software that tried to trace the source of a message. This invites the same sort of stuff.

Someone I know has pointed out that once you have enough incompatible changes to need a new version number, you have a new protocol so you might as well give it a new name.

R's,
John

_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
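The following is an added illustration of the point argued in this thread; it is not code from the thread, from Dave's draft or from Bron's draft. It models a signer that records a single RCPT TO in a signed header, and a verifier that can only confirm the recipient binding when the MTA hands it the actual envelope recipient. A header-only verifier (the position a classic DKIM verifier is in) sees a valid signature on the replayed copy. The header names `X-Signed-Rcpt` and `X-Sig`, the HMAC key standing in for DKIM's DNS-published public key, and the sample message are all assumptions made for this example.

```python
import hashlib
import hmac
import re

# Stand-in for the signing domain's private key (assumption for this example;
# real DKIM uses an RSA or Ed25519 key whose public half is published in DNS).
SIGNING_KEY = b"example.org-demo-key"

# Hypothetical header names chosen for this illustration, not taken from any draft.
RCPT_HEADER = "X-Signed-Rcpt"
SIG_HEADER = "X-Sig"


def canonicalize(name, value):
    """DKIM 'relaxed'-style canonicalization: lower-case the field name and
    collapse runs of whitespace in the value."""
    return name.lower() + ":" + re.sub(r"\s+", " ", value).strip()


def _signed_data(headers, names, body_hash):
    """Concatenate the canonicalized signed headers plus the body hash."""
    lower = {k.lower(): v for k, v in headers.items()}
    return "\n".join(canonicalize(n, lower[n]) for n in names) + "\nbh=" + body_hash


def sign(headers, body, rcpt_to):
    """Return a copy of `headers` with the envelope recipient recorded in
    RCPT_HEADER and a signature over body + all listed headers in SIG_HEADER.
    As in the design under discussion, exactly one recipient is allowed."""
    if len(rcpt_to) != 1:
        raise ValueError("one envelope recipient per signed message")
    signed = dict(headers)
    signed[RCPT_HEADER] = rcpt_to[0].lower()
    names = [n.lower() for n in signed]          # SIG_HEADER is not yet present
    bh = hashlib.sha256(body.encode()).hexdigest()
    data = _signed_data(signed, names, bh).encode()
    mac = hmac.new(SIGNING_KEY, data, hashlib.sha256).hexdigest()
    signed[SIG_HEADER] = f"h={':'.join(names)}; bh={bh}; b={mac}"
    return signed


def verify(headers, body, envelope_rcpt=None):
    """Verify the signature and, only if the MTA supplied the actual RCPT TO,
    compare it with the signed recipient. Returns (signature_ok, recipient_ok);
    recipient_ok is None when no envelope information was supplied, which is
    exactly the situation a header-only DKIM verifier is in."""
    lower = {k.lower(): v for k, v in headers.items()}
    if SIG_HEADER.lower() not in lower:
        return False, None
    tags = dict(t.split("=", 1) for t in lower[SIG_HEADER.lower()].split("; "))
    names = tags["h"].split(":")
    if any(n not in lower for n in names):
        return False, None
    if hashlib.sha256(body.encode()).hexdigest() != tags["bh"]:
        return False, None
    data = _signed_data(headers, names, tags["bh"]).encode()
    expected = hmac.new(SIGNING_KEY, data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tags["b"]):
        return False, None
    if envelope_rcpt is None:
        return True, None                          # nothing to check against
    return True, envelope_rcpt.lower() == lower[RCPT_HEADER.lower()]


def replay_scenario():
    """Constructed message: signed for alice, then the identical bytes are
    replayed to bob. Shows what each kind of verifier can conclude."""
    body = "Hello,\r\nplease see the attached invoice.\r\n"
    headers = sign(
        {"From": "billing@example.org", "To": "alice@example.org", "Subject": "Invoice"},
        body,
        ["alice@example.org"],
    )
    return {
        # Header-only verifier: signature is valid, recipient binding unknowable.
        "legacy_verifier": verify(headers, body),
        # MTA passes the real RCPT TO of the replayed copy: binding fails.
        "replayed_to_bob": verify(headers, body, "bob@example.net"),
        # Original delivery: both checks pass.
        "original_delivery": verify(headers, body, "alice@example.org"),
        # Replayer rewrites the recorded recipient: signature breaks instead.
        "rcpt_header_tampered": verify(
            {**headers, RCPT_HEADER: "bob@example.net"}, body, "bob@example.net"),
    }


if __name__ == "__main__":
    for case, result in replay_scenario().items():
        print(f"{case:22s} signature_ok={result[0]} recipient_ok={result[1]}")
```

The `legacy_verifier` case is the one that matters for the argument above: a verifier that only sees headers has no envelope data to compare against, so the replayed copy verifies cleanly. The binding is enforced only in the `replayed_to_bob` case, where the receiving MTA passes RCPT TO into the check, which is something the DKIM signature itself cannot compel.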
