On 02/06/2025 21:18, Dave Crocker wrote:
On 6/2/2025 3:08 AM, Alessandro Vesely wrote:
On 01/06/2025 22:28, Dave Crocker wrote:
On 6/1/2025 4:58 AM, Alessandro Vesely wrote:
Basically, we can assume that all To:/Cc: addresses are legit, since
that's what the author intended.
2. Having multiple things to check for is more complicated than one.
Creating the extra field is trivial on the posting side.
The loop is based on local data.
I don't understand what that means.
Assuming that the verifier had access to the envelope and the header, no
further lookups are needed, not even on internal disk. So the difference
between checking multiple addresses instead of just one is negligible.
It is definitely easier than looking up the same key multiple times
(in case multiple recipients are on the same MX.)
DKOR adds no signatures.
Each message to a single recipient has a signature. The verifier has to
look up the key to verify it. Yes, after the first time it's cached,
but all in all the operation is more complex than verifying multiple
addresses.
And its requirement for one addressee per message is not special to DKOR.
The requirement is special to Bcc:, AFAIU.
Conversely, depending on the MTA filtering API, splitting messages may
require some acrobatics, like removing recipients and re-injecting the
message anew.
No. It does not.
I think you are assuming much more complex functional requirements than
DKOR has specified.
The spec says:
*A message covered by DKOR is restricted to having a single
recipient address.*
So an implementation can either apply DKOR only to messages that have a
single recipient, or split messages to multiple recipients so as to
force them to be sent to a single recipient at a time. The latter
choice may require more fiddling than is desirable.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list -- [email protected]