On Tue 02/Jul/2013 17:37:20 +0200 Michael Deutschmann wrote: > On Tue, 2 Jul 2013, Alessandro Vesely wrote: >> (subject adjusted) >> >> A sender using SRS would need to maintain a database of valid addresses. >> [...] That's where EDSP can save the day. > > That's off in the weeds. EDSP would not take any notice of i=, and is > not there to enhance SRS -- rather it's something of a competitor. (Both > try to make return path validation work in spite of forwarding.)
The point is what any of them might be useful for. >> It has to be in the message content for DKIM to be applicable. > > Core DKIM is only tasked with determining if a signature is genuine, not > if the signature is relevant. Therefore it doesn't matter if part of the > information EDSP uses to determine relevancy is out of band. Yes, one just needs to maintain his own software to run it :-/ BTW, there is already a hack in how that's implemented, because they used no l=0 tag. So, if the bounce they get has text/rfc822-headers only, they have to "assume" that the body hash matches. Perhaps, they reasoned that they can still verify the SRS hash, and that an assumed but variable bh= is still better than the constant body hash specified for l=0. Depending on what library they use, implementing that could be as simple as checking the return code. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
