Hi All,

I had a bunch of conversations at M3AAWG which led to me spending a bunch of 
time on both the modification draft (making it line based rather than character 
based) - I've just uploaded an updated draft.

But also, did a lot of thinking about how to support multiple RCPT-TO in a 
single SMTP transaction.

I think in the case where we don't mind leaking multiple RCPT-TO, it's actually 
viable to have multiple `DKIM2: i=MAX` headers, one for each recipient; so you 
might send a message with multiple recipients like:

DKIM2: i=1; mf=al...@example.com rt=b...@example.org; d=example.com
DKIM2: i=1; mf=al...@example.com rt=br...@example.org; d=example.com
DKIM2: i=1; mf=al...@example.com rt=she...@example.org; d=example.com
DKIM2: i=1; mf=al...@example.com rt=xav...@example.org; d=example.com

And then the message over the wire could have:

MAIL FROM:<al...@example.com>
RCPT TO:<b...@example.org>
RCPT TO:<br...@example.org>
RCPT TO:<she...@example.org>
RCPT TO:<xav...@example.org>

Note that we're still signing each recipient individually.  Then if Sheila has 
a forwarding rule, it only keeps her i=1 header, so that forwarded message 
would contain:

DKIM2: i=1; mf=al...@example.com rt=she...@example.org; d=example.com
DKIM2: i=2; mf=dkim2-boun...@example.org; rt=she...@example.home; d=example.org

...

Obviously you'd still have to be careful in the BCC case to split the message, 
since you can't guarantee that the receiving system is DKIM2-aware and willing 
to strip that BCC's address from the messages before delivering it to all the 
recipients, but for a corporate situation with large CC chains and attachments, 
this would stop the message having to go across the wire multiple times, though 
it would still have to calculate a separate signature per recipient.

Bron.

--
  Bron Gondwana, CEO, Fastmail Pty Ltd
  br...@fastmailteam.com

_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
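
Added example (not part of the original message or of the DKIM2 drafts): a Python sketch of the header bookkeeping the message describes, with one `DKIM2: i=1` header per visible recipient in a single transaction, a separate transaction for each BCC recipient, and a forwarding hop that keeps only the forwarder's own header before adding `i=2`. The function names, the constructed addresses, the simplified `i`/`mf`/`rt`/`d` tag syntax and the retention of lower-numbered hops are assumptions; signature computation is omitted.

```python
# Added sketch, not code from the DKIM2 drafts. Assumes the simplified header
# form shown in the message (tags i, mf, rt, d); signature tags are omitted.

def dkim2_header(i, mf, rt, d):
    return f"DKIM2: i={i}; mf={mf}; rt={rt}; d={d}"

def parse_tags(header):
    """'DKIM2: i=1; mf=a@x; rt=b@y; d=x' -> {'i': '1', 'mf': 'a@x', ...}"""
    body = header.split(":", 1)[1]
    return dict(t.strip().split("=", 1) for t in body.split(";") if t.strip())

def plan_transactions(mail_from, domain, visible, bcc):
    """One transaction carrying a header per visible recipient, plus one
    transaction per BCC recipient so a BCC address never reaches the others."""
    plans = []
    if visible:
        plans.append({"rcpt_to": list(visible),
                      "headers": [dkim2_header(1, mail_from, r, domain)
                                  for r in visible]})
    for b in bcc:
        plans.append({"rcpt_to": [b],
                      "headers": [dkim2_header(1, mail_from, b, domain)]})
    return plans

def forward(headers, recipient, bounce_from, new_rcpt, domain):
    """Forwarding hop: among the headers at the highest i, keep only the one
    whose rt= is the forwarding recipient, then append the i+1 header.
    Keeping lower-numbered hops untouched is an assumption of this sketch."""
    tagged = [(h, parse_tags(h)) for h in headers]
    top = max(int(t["i"]) for _, t in tagged)
    if not any(int(t["i"]) == top and t["rt"] == recipient for _, t in tagged):
        raise ValueError("no header at the highest i names this recipient")
    kept = [h for h, t in tagged if int(t["i"]) < top or t["rt"] == recipient]
    return kept + [dkim2_header(top + 1, bounce_from, new_rcpt, domain)]

if __name__ == "__main__":
    # Constructed sample addresses, not the ones from the message.
    plans = plan_transactions("sender@example.com", "example.com",
                              ["r1@example.org", "r2@example.org"],
                              ["hidden@example.org"])
    for p in plans:
        print(p["rcpt_to"], *p["headers"], sep="\n  ")
    print(*forward(plans[0]["headers"], "r2@example.org",
                   "dkim2-bounce@example.org", "r2@example.home",
                   "example.org"), sep="\n")
```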
