Hi, On 08.08.2025 01:39, Phillip Tao wrote:
Given that there's active work on DKIM 2, I imagine this could be done by: 1. The DKIM WG explicitly splitting the core draft in two, one to cover how to canonicalize and sign a message with a given key, and another to cover how keys are to be distributed via DNS. The unobtrusive signatures draft could then explicitly use the mechanism defined in the first. 2. The unobtrusive signatures draft being modeled very closely on DKIM (but with a different key distribution mechanism).
If intention of this approach is to provide an alternative to current S/MIME and PGP signing, then such a draft should be significantly more strict in terms of which headers should be signed than the base standard. Such a mechanism should not allow the mistakes of DKIM(1), where additional or missing headers (that could be interpreted by MUAs) could be added without breaking a signature.
This means that it still probably requires a separate draft to cover canonicalization and signing.
I would also like to see explicit support for multiple such signatures and how to handle these cases, be it just different key distribution mechanisms/ecosystems or just dual-signing in the context of post-quantum algorithms.
Best, Taavi _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
