On Sat, Oct 28, 2023 at 8:28 AM Richard Clayton <[email protected]> wrote:
> Paying attention to the (sometimes inferred) age of a signature is also > important for reducing the opportunity for replay, viz: it would be a > Good Thing for senders to set appropriately short expire times. > Why does it have to be inferred sometimes? Have you found "t=" values to be occasionally inaccurate? The DKIM standard advises against using "x=" to combat replay attacks. We could always update that advice, but we might also want to review why it was put there in the first place. I remember the reason being a good one. I think there's also been discussion around the reliability of "x=" across implementations. Since it's not mandatory to support, it doesn't seem to be very common to produce without the expectation of consumers. -MSK, participating
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
