[Ietf-dkim] Re: DKIM works fine

Tue, 08 Apr 2025 21:15:47 -0700 

On 4/8/2025 5:43 AM, Alessandro Vesely wrote:

On Sun 06/Apr/2025 20:56:35 +0200 Dave Crocker wrote:

...
The semantics of the new effort really are orthogonal to DKIM. (And that is one of the reaon the technical errors in the Motivation draft demonstrate a fundamental misunderstanding, rather than being minor distractions.) 
...
AIUI, countering replay is a major semantic difference.  DKIM bears the concept of identifying a domain responsible for a message regardless of which hops forwarded the message.  It overcame SPF in this regard.  However, replay is a trouble for freemail providers, as it prevents them from controlling the spread of a message.  As it turns out, spread can be controlled by tweaking a few technical knobs of DKIM.  The result, of course, is something different. 

No it cannot.  It cannot control distribution.


What it CAN control is use of the DKIM domain name for reputation 
analysis.  And this is a very large difference, especially given the 
human factors of phishing.



Also, addition of this additional control does not require modifying 
DKIM itself.




Although different, DKIM2 shares a huge amount of concepts developed 
alongside DKIM, from the tag=value specification, to underscored 
domains and key distribution, to hashing and signing. The latter, 
signing, seems to be the most widely known feature of DKIM.  "If you 
see DKIM-Signature: don't autoconvert."  It has had a significant 
impact on the email ecosystem.  It is from this point of view that 
DKIM and DKIM2 are two of a kind.



tag=value is a construct that has been in use since the start of 
networking.  An RFC733 header field is, really, tag=value.


Crypto hashing was around long before DKIM, too.


But, sure, it is likely the new thing can share some code from the old 
thing.  This does not make them semantically related, which the name 
incorrectly implies.



d/

--
Dave Crocker

Brandenburg InternetWorking
bbiw.net
bluesky: @dcrocker.bsky.social
mast: @dcrocker@mastodon.social

_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org






















					Reply via email to