On 3/31/25 5:30 AM, Taavi Eomäe wrote:
On 31/03/2025 15:25, Brotman, Alex wrote:
I have a hard time believing that all the libraries focusing on
DKIMv1 will go back and create some code to handle this case.
Indeed, they probably won't. Which is exactly why it might be better
to have those old implementations continue stripping signatures
they're breaking.
It was always a bad idea to strip signatures, and continues to be. The
text of DKIM couldn't be more clear that a broken signature is
equivalent to no signature and broken signatures have always had
forensic value.
Mike
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
