Re: [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On Mon, Nov 14, 2016 at 8:40 AM, Ned Freed wrote: > > Actually same message to same destination may be > > sent to different MTAs (e.g. different MXs with same weight). > > 2.3 Canonization must be better defined. It's usual for MTA to e.g. > > lowercase the domain of

Re: [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On Mon, Nov 14, 2016 at 6:01 AM, Vladimir Dubrovin wrote: > 1. This standard is not backward compatible with existing DKIM > implementations. It makes it useless. In addition, in it's current form it > can not be implemented in most MTAs (see below) > 2. This standard

Re: [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On Mon, Nov 14, 2016 at 4:40 AM, Steven M Jones wrote: > So per Section 5, this form of DKIM signature will fail to verify at a > receiver who doesn't implement the new feature, period. And in fact any > forwarding - whether it alters the RFC5322 message or not - would > produce

Re: [dmarc-ietf] draft-kucherawy-dmarc-rcpts

> 1. This standard is not backward compatible with existing DKIM > implementations. It makes it useless. In addition, in it's current form > it can not be implemented in most MTAs (see below) It wouldn't work at all in our MTA without modifications because our general filter interface currently

Re: [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On 11/12/2016 22:50, Murray S. Kucherawy wrote: > I've posted a draft that attempts to address an attack that's begun to > appear with DKIM. Interestingly, we called it out as a possible > attack in RFC6376 and even RFC4871, but now it's apparently happening > and being annoying enough that