> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Alessandro Vesely > Sent: Sunday, January 29, 2012 5:32 AM > To: [email protected] > Subject: Re: [marf] rd= Reporting Domain Tag In draft-ietf-marf-dkim-reporting > > On 28/Jan/12 16:14, Scott Kitterman wrote: > > My proposal is to drop 3.1. Extension DKIM Signature Tag and change > > the address construction in the ra= tag to use the signing domain (d=) > > in the signature. In this manner the reports will only go back where > > they came from (in a general sense). > > Murray introduced 3.1 after John pointed out an attack path in > http://www.ietf.org/mail-archive/web/marf/current/msg01775.html > > I guess this feature is needed in order to account for message streams > <http://tools.ietf.org/html/rfc6377#section-2.5>, but I'm looking > forward to Murray's word on this. > > The general statement seems to be that <[email protected]> is > a valid address for reporting _something as long as there is a RR that > says > > _report._something.example.com. TXT "[...]whatever-local[...]" > > Correct?
Yes, though I think I agree that being able to include an alternate domain name in the algorithm creates more exposure than it fixes, so rather than "rd=domain", we should just have "r=y" in the DKIM reporting document. I'll do this in -07 unless there's a better idea. -MSK _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
