On Sun, Nov 20, 2022, 11:08 Dave Crocker <[email protected]> wrote: > Seriously. DKIM is intended as a transit-time mechanism. When delivery > occurs, transit is done. So DKIM has done its job and can (safely?) be > removed.
One of the informational RFCs the original working group produced discussed this. A reason (maybe the reason) the envelope was not included in the signed content was so that the signature could survive without an envelope, meaning it could be retrieved from a mailbox and re-verified. I don't know, though, if anyone does this regularly, but it's been shown to be useful in some circumstances. -MSK
_______________________________________________ Ietf-dkim mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-dkim
