Dave Crocker wrote in <[email protected]>: |On 6/2/2025 2:07 PM, Alessandro Vesely wrote: | ||So an implementation can either apply DKOR only to messages that have \ ||a single recipient, or split messages to multiple recipients so as \ ||to force them to be sent to a single re |cipient at a time. The latter choice may require more fiddling than \ |is desirable. | |As discussing at the last IETF meeting -- and many times before -- \ |single-addressee email is already the norm. | |As also noted at the meeting, getting clever to do it only sometimes \ |adds complexity, which is generally a Very Poor design choice for Internet \ |technical standards.
It is exactly the same complexity as fishing out headers from the header stack in order to sign, and especially verify (in alignment with how the signer did) them. All the proposals add the complexity / problem of splicing a message into potentially many (based up)on the SMTP envelope level. I say: sorting those recipients on a per-recipient-domain level does not add a frightening amount of complexity. To say the least. It was not so often on this list, with the single recipient email. I would consider it a very poor design choice for a technical standard to mutilate its carrier protocol beyond any measure. And needlessly so: there was not a single technical point layed out yet that proves single recipient is useful. What for?? Replay is impossible (i talk ACDC/EDKIM). If it is tried nonetheless, it comes from some domain. In how far does the local user matter, then? --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
