On 6 Feb 2024, at 14:47, Murray S. Kucherawy wrote: > On Tue, Feb 6, 2024 at 2:33 AM Jeroen Massar <jeroen= > [email protected]> wrote: > >> `req=dkim`: requires DKIM, messages not properly signed are then to be >> rejected/quarantined based on 'p' policy. >> > > This sounds like what RFC 5617 tried to do, minus the constraint that the > signing domain be equal to the author domain, which is one of the key > pieces of DMARC. Isn't this a pretty big scope expansion?
For the record, RFC 5617 did constrain the signing domain to be the author domain. From Sec. 2.7: > An "Author Domain Signature" is a Valid Signature in which the domain name of > the DKIM signing entity, i.e., the d= tag in the DKIM-Signature header field, > is the same as the domain name in the Author Address. -Jim _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
