On 12/7/22 1:47 PM, Murray S. Kucherawy wrote:
> Yes, it's definitely true that the standard was written from the
> perspective of delivery-time evaluation, and then sending that result
> to MUAs rather than having MUAs actually do the evaluation. So
> although 4686 says that's a design goal, 6376 sure doesn't have that
> flavor.

That's certainly what we had in mind as to how to deploy it; there
certainly was no reason to preclude MUAs or other validators from using
the signature as well.

> It is absolutely within the purview of the reconstituted WG to "fix"
> this by clarifying using current operational realities and acquired
> experience. An applicability statement, for instance, would not be
> out of the question.

Part of the problem is that use for forensics is essentially opaque. We
really can't know with any certainty how often it is used because
companies aren't in the habit of letting the world know about phishing
attacks against them, for example.

And therein lies the problem: the only difference between forensics of
the phishing kind and the Her Emails kind is the intent of the
investigation, which is a very layer 8 difference. For all of the layers
below, they are identical.
Mike