Hello, Thanks to Scott for his feedback:
> Making DKIM signing MIME aware was specifically rejected during DKIM > development due to implementation complexity. I'm afraid I wasn't there, but would like to learn from the past. Any references are welcome. But what exactly do you mean by "implementation complexity"? - the need to incorporate MIME-knowledge into an MTA (which one might argue is not new -- but it is now a requirement for the signing and verifying MTA, which may have gotten by without until now) - the added complexity during signing and verification (I would agree; but argue that this reflects the complexity of the mail system, and ends there; it will not grow without bounds) - the need for two passes during verification (I am working on that; recognising an initial bit of text may be better than a rolling checksum over the entire text) - ...? I think the most important advantage of Lenient DKIM is that it avoids that a choice made in one place invalidates existing, constructive things taking place elsewhere. ARC will not solve that discrepancy; it imposes one administrator's choice onto others. To me, that is the most dire form of complexity (and a reason why people may hold back on deploying DKIM; look at this email for example, probably being rewritten to UTF-8 and thereby invalidating my DKIM-Signature made with dkimpy). Anywhere I repeat things already said, please feel free to point me back to discussions I've missed. Thanks, -Rick _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
