Hi,
On 07.05.2025 00:57, Wei Chuang wrote:
I put out the "certification" process as a strawman to see if such
flexibility for arbitrary modification by a "trusted" security way is
of interest to the community. Looking at the other similar reply as
well, it sounds like no, this is a bridge too far. As mentioned in my
original description, the likely other avenue is for such forwarders
to take full DKIM2 "ownership" of the message when modified. And
another likely alternative is to ask such security gateway providers
to not modify messages that are meant to be forwarded.
-Wei
While it's a valid use-case and I don't want to rain on your ideas, it
fundamentally seems like a trust question outside of something a
standard process could hope to dictate. Akin to VMC/BIMI.
While it would not be entirely bad if DKIMv2 could also replace ARC, but
if if it boils down to trust, we'd all still have to maintain a trusted
modifier list the same way we do for ARC. If it could be automated, we
wouldn't be speaking of arbitrary modifications. Plus ARC is already
here and should do the job asked.
Best,
Taavi
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
