On Tue, Aug 19, 2025 at 11:36 AM Phillip Tao <ptao= [email protected]> wrote:
> Apple clients also verify DKIM 1 today. I didn't know there were other > parties doing the same, but it makes sense, for I imagine the same reasons > that Apple wants to do it. > > This is all the more reason, then, for these changes. > I have to find the specific sections, but I recall RFC 6376 talking about why client verification of signatures is not a great idea. Keys rotate, for example, so long-term signature validation is not guaranteed to be reliable. People who were around in the RFC 4871 days may remember other reasons why the general position was that this wasn't something worth pursuing. What's changed? -MSK
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
