It appears that Andrew Gallagher <[email protected]> said: >On 10 Aug 2025, at 18:50, John Levine <[email protected]> wrote: >> >> The current version of unobtrusive signatures uses PGP keys. If you want to >> look >> them up in the DNS, RFC 7929 tries to do that > >The suggestion was that the DNS lookup portion of DKIM v2 would *not* be >shared with unobtrusive signatures, only the canonicalisation >rules.
I still don't understand what probblem this is supposed to solve. The DKIM canonicalization stuff is mostly relevant to mail headers. While there are strict and relaxed canonicalization models for the body, in practice intermediate mail systems do not mess with the body and the two work the same. The current draft is a way of wrapping PGP signatures of a single MIME body part containing copy of the message. Even fewer mail systems mess with the contents of a single MIME body part, so there's nothing for DKIM to canonicalize. Note that DKIM's header canonicalization is about the real message headers, not the ones inside the MIME part. R's, John _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
