On 9/29/2020 1:26 PM, Dave Crocker wrote:
On 9/29/2020 6:40 AM, Hector Santos wrote:
On 9/27/2020 11:44 PM, Dave Crocker wrote:
DKIM has a single signature binding requirement, the 5322.From
DMARC establishes the relationship.
I don't read it that way.
DKIM binds the signer d= domain and the from.domain with no
enforcement on it nor any indication that they are related when they
not the same (the missing link).
Absolutely not. Please re-read the DKIM specification more carefully.
It is quite explicit that it is doing not doing this.
To the extent that you remain convinced of what you are claiming, you
need to point to the documentation that supports that view.
It began with the theory, and first implementation DomainKeys and its
built-in policy tag "o=". Followed by DKIM early drafts with its
enhanced signature and extended policy tag "o=" formerly known as SSP
when separated from DKIM to create DKIM-BASE and ADSP as WG proposed
standard work items, ADSP poisoned, returns as DMARC, since then.
Since the very beginning, my implementation, one of the better
implementations of DKIM in the market, algorithmically and
programmatically, follow the DKIM-BASE, DKIM-POLICY process model
which binds, at a minimum, the RFC5322.From header, with a signer
domain with an inherent and implicit and explicit intent and reason
for this association.
Per the abstract, my experience suggest the question has never been
answered, nor the association separated from the original concept.
Do you have an algorithm that replaces the current one?
--
Hector Santos,
https://secure.santronics.com
https://twitter.com/hectorsantos
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
