On 16/02/2023 23:17, Dave Crocker wrote:
On 2/16/2023 2:04 PM, Evan Burke wrote:
1hr is at the very low end of the scale, only appropriate in narrow, specific
circumstances. I think you're right that 2+ days is the right range for most
mail.
The historical common choice, for when to stop retrying mail delivery, has been
3 days. This was a matter of discussion some years ago and as I recall, was a
comfortable choice.
And we got a note observing that a replay attack can reasonably begin within
minutes of original posting.
This produces a choice for setting a timeout that is wholly ineffective or one
that destroys retries of legitimate mail delivery attempts.
Does that not assume that the point where a message is held during delay is
after the point of signing?
--
Cheers,
Jeremy
_______________________________________________
Ietf-dkim mailing list
https://www.ietf.org/mailman/listinfo/ietf-dkim