On 28/Jan/12 16:14, Scott Kitterman wrote: > My proposal is to drop 3.1. Extension DKIM Signature Tag and change the > address construction in the ra= tag to use the signing domain (d=) in the > signature. In this manner the reports will only go back where they came from > (in a general sense).
Murray introduced 3.1 after John pointed out an attack path in http://www.ietf.org/mail-archive/web/marf/current/msg01775.html I guess this feature is needed in order to account for message streams <http://tools.ietf.org/html/rfc6377#section-2.5>, but I'm looking forward to Murray's word on this. The general statement seems to be that <[email protected]> is a valid address for reporting _something as long as there is a RR that says _report._something.example.com. TXT "[...]whatever-local[...]" Correct? _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
