On 5/17/2024 7:12 AM, Taavi Eomäe via mailop wrote:
Although some of these dangers have been known for a while (some parts
are even described in the RFC itself), things like the threat
landscape, our approach and the extent to which this can be abused
have changed. In our opinion previously suggested and (rarely)
implemented mitigations do not reduce these risks sufficiently.
We hope that with some cooperation from mail operators improved
defense measures can be implemented to strengthen DKIM for everyone.
As I recall, the original intent was to permit successful use of DKIM in
spite of mailing lists' addition of footer text.
I think the view of damage from DKIM failure and/or abuse was rather
more benign than suits today's email world.
It wasn't a great feature at the time and now it is worse than that.
Seems like the right approach is to seek community-wide pressure to
deprecate it. First through operational pressure and then with an
update to the spec.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
mast:@dcrocker@mastodon.social
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
