| I have nothing much useful to add, except to say that I’m pro removing the DKIM header for other privacy reasons. I also think the ietf signaling support for this would be helpful in getting large email providers to push forward with solutions here.
==Mike On 11/22/2022 6:12 AM, Scott Kitterman wrote:On Tuesday, November 22, 2022 8:48:48 AM EST Alessandro Vesely wrote:
On Tue 22/Nov/2022 01:21:00 +0100 Murray S. Kucherawy wrote:
We actually seemed to like the idea, at least back then, that the
signature
survives delivery so that it can be validated at any point later.
Indeed, there are products, like Lieser's DKIM verifier plugin for
Thunderbird[*], which verify DKIM on the MUA.
My desktop MUA of choice (kmail) includes the capability too.
To the extent there is serious pressure to aid MUA awareness of the DKIM header-field for a received message, we can specify renaming the field (and removing the actual signature value.)This retains the desired signalling information, without being useful for replay.d/-- Dave CrockerBrandenburg InternetWorkingbbiw.netmast:@[email protected]_______________________________________________Ietf-dkim mailing list[email protected]https://www.ietf.org/mailman/listinfo/ietf-dkim
|
_______________________________________________
Ietf-dkim mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-dkim
