If anything we do to prevent the replay attack requires that the receiving domain do something for the sending domain, it's going to be a heavy lift to get all of those receivers to implement that solution. That's doubly true if it takes away functionality that the receiver uses, which would make them openly hostile to it.

My thinking of x= at the time was a way to not have the signature considered immortal. No, it does not invalidate it, of course, but nothing can force a receiver to invalidate a signed message. So any solution that involves the receiver is based on their goodwill. Since x= has been in the spec forever, there is a decent chance that receivers already implement it, though it's really hard to tell from the outside. And the receiver actually has a stake in this, since it's the sending domain giving it advice to protect itself. That is no different than expiries in X.509 certs. The receiver implements it because it's in their interest to implement it.

We should at least concede the point that asking the receiving domain to do something is nothing different than asking them to honor x=. In fact, it's even better than stripping signatures, which is trivially avoidable, since it gives *signed* advice to the receiver of the sender's intent when they signed it. Receivers have a stake in advice that narrows the attack surface. They have no stake in just stripping signatures because... well, who knows.

Mike
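As an added illustration of what "honoring x=" means on the receiving side (this is example code written for this page, not code from Mike's post, the ietf-dkim list, or any DKIM implementation): the verifier parses the DKIM-Signature tag list, reads the t= and x= seconds-since-epoch timestamps defined in RFC 6376, and treats the signature as expired once its verification time is past x=. Function names, the 300-second skew allowance (a local policy choice, not something the RFC fixes), and the sample header values are all assumptions constructed for the example; the t=/x= ordering rule and the optionality of x= are from RFC 6376.

```python
"""Receiver-side check of the DKIM x= (signature expiration) tag.

Added example, not from the ietf-dkim thread. Assumptions: the input is the
raw DKIM-Signature header value (an RFC 6376 tag list); `now` is passed in
by the caller so results are deterministic; `skew` is local policy.
"""
import re
import time
from typing import Dict, Optional

# tag-name = ALPHA *(ALPHA / DIGIT / "_") ; value is everything up to the ';'
TAG_RE = re.compile(r"^\s*([a-zA-Z][a-zA-Z0-9_]*)\s*=\s*(.*?)\s*$", re.DOTALL)


def parse_tag_list(header_value: str) -> Dict[str, str]:
    """Parse an RFC 6376 tag list ('k=v; k2=v2;') into a dict.

    Folding whitespace inside values is removed; that matters for b= and bh=
    and is harmless for the numeric t= and x= tags used below.
    """
    tags: Dict[str, str] = {}
    for item in header_value.split(";"):
        if not item.strip():
            continue  # a trailing ';' is permitted by the grammar
        m = TAG_RE.match(item)
        if not m:
            raise ValueError(f"malformed tag: {item!r}")
        name, value = m.group(1), re.sub(r"\s+", "", m.group(2))
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        tags[name] = value
    return tags


def _parse_timestamp(value: Optional[str], tag: str) -> Optional[int]:
    """t= and x= are unsigned decimal seconds since the Unix epoch."""
    if value is None:
        return None
    if not value.isdigit():
        raise ValueError(f"{tag}= must be an unsigned decimal timestamp")
    return int(value)


def expiration_status(header_value: str, now: Optional[int] = None,
                      skew: int = 300) -> str:
    """Classify the signature's expiry state.

    Returns one of:
      'no-expiry' : no x= tag (RFC 6376 makes x= optional, default no expiry)
      'malformed' : tag list or timestamp unparsable, or x= not greater than
                    t= (RFC 6376 requires x= > t= when both are present)
      'expired'   : verification time is past x= plus the local skew allowance
      'valid'     : not yet expired
    """
    if now is None:
        now = int(time.time())
    try:
        tags = parse_tag_list(header_value)
        t = _parse_timestamp(tags.get("t"), "t")
        x = _parse_timestamp(tags.get("x"), "x")
    except ValueError:
        return "malformed"
    if x is None:
        return "no-expiry"
    if t is not None and x <= t:
        return "malformed"
    if now > x + skew:
        return "expired"
    return "valid"


# Constructed sample header (placeholder domain, selector and hash values).
SAMPLE = ("v=1; a=rsa-sha256; d=example.com; s=sel; t=1700000000;\r\n"
          "\tx=1700003600; h=from:to:subject; bh=BODYHASH; b=SIGNATURE;")

if __name__ == "__main__":
    # One hour after t=, still inside the x= window.
    print(expiration_status(SAMPLE, now=1700001000))  # valid
    # Two hours after t=, an hour past x=: a verifier honoring x= rejects.
    print(expiration_status(SAMPLE, now=1700007200))  # expired
```

The deciding input is `now`: a replayed copy of the message carries the very same header, so the only thing that changes between the original delivery and the replay is the verification time, and that is exactly what x= lets the signer bound.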

_______________________________________________
Ietf-dkim mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-dkim