Dave Crocker writes:
> URL:
> http://www.ietf.org/internet-drafts/draft-kucherawy-dkim-delegate-00.txt
Merry Christmas for mailing lists! Mailman at least already
recommends that sites hosting lists DKIM sign, so we have nothing new
to do!
Two nits to pick. First, I'd like a whole (sub)section (containing
approximately one sentence :-) for Mediator responsibilities, even if
it's redundant with step 4 of the specification. Maybe a subsection
of section 5 (Discussion)?
Second, from the draft:
The expiration time on the Secondary signature needs to be long
enough to permit evaluation by receivers of the re-submitted
message, yet short enough to limit the potential for unauthorized
replay attacks. A good choice is a small number of days or even
hours.
Due to greylisting (I've seen a message that got greylisted twice,
once at the mailing list and once at the recipient), I'd recommend
that the absolute minimum for expiration time be 12 hours, and that at
least 24 hours be recommended.
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
