-----Original Message-----
From: william(at)elan.net [mailto:william(_at_)elan(_dot_)net]
Sent: Tuesday, August 23, 2005 3:33 PM
To: Hallam-Baker, Phillip
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] BCC Recipients
On Tue, 23 Aug 2005, Hallam-Baker, Phillip wrote:
This doesn't help for BCC recipients at the same domain.
The only way to sign BCC in my view is to provide a per
user signature
constructed by means of an HMAC.
For example message is "Hello World", Sending it to dot(_at_)dotat(_dot_)at
So I construct a BCC identifier HMAC ("dot(_at_)dotat(_dot_)at", SHA1("Hello
World"))
Or something of that nature. That means that the BCC recipient can
verify it was sent to them while preventing any To: or CC:
recipient
knowing anything more than that there is a BCC.
While its cool idea, I fear it may not be 100% doable because
when message
is sent to bcc recipient, the address originally in bcc (and
which becomes address in 2821 RCPTTO) may not be final
address seen in RCPTO when message is delivered (i.e. if
message is further forwarded for example).
BTW - why HMAC? You could do just SHA1("dog(_at_)dotat(_dot_)at","Hello
World")
All you need is a salt that is message dependent. HMAC is better from a
purist point of view.
_______________________________________________
ietf-dkim mailing list
http://dkim.org