On 5/26/2025 4:15 PM, Dave Crocker wrote:
I've gone into detail (again) below, responding to specifics in the
Motivations draft, but here is a summary:
* A normative practice to have only one recipient per message.
This is needed for O/R signing, but does not need a change to
DKIM, per se.
* A mechanism that permits specifying and protecting originator
and recipient, at each handling site that changes one or
both. This is what DKOR does.
* A BCP specifying what header fields need to be signed. This is
a usage change, rather than a technical change, to DKIM.
* Change-description mechanism, to permit reversal. Completely
independent of DKIM (or DKOR) per se.
Just realized I left off:
* A BCP specifying the changing of the return address, at each MTA
and intermediary, to be an address that refers to that MTA or
intermediary.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
bluesky: @dcrocker.bsky.social
mast: @[email protected]
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
