I wonder why the idea of binding messages' signatures to their destination domains hasn't been considered before. As Ian pointed out, this would limit replay attacks to a single destination domain.
It's certainly come up before.As I recall, the usual conclusion is that it breaks far more things than it solves, since forwarding is quite common, and abusive replay of legitimate messages is quite rare.
R's, John
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
