I am guessing here that the envelope address can be included in
the signature. This allows a binding between the envelope data
and the message data. May be useful in replay detection and
provides clear indication of what is presented in the envelope
vs the data (for forensic and auditing purposes).
This idea has been kicked around a few times. You can essentially audit the
changes in RCPT TO as the email transits the system and if an unbroken lineage
goes all the way back to the content - you know you have a bona-fide
There are three issues with this: First the assumption that the first RCPT TO
is derived from 2822; second, multiple recipient mail - as an SMTP optimization
goes away; three, BCC: mail would need to include a BCC: header.
ietf-dkim mailing list