It seems like the plus addresses show up in the RCPT TO envelope line
and may not show up anywhere else. (That is when the TO is mailing
list, or when a BCC is used.)
Can we be sure that plus address will be visible to the MUA?
/Russell
Niceties:
Plus-addressing is not exposed to the humans, just the transport
layers (and perhaps some headers for better tracking/auditing).
The addresses humans use don't need any change. They never see or
need to type the consent tokens.
Software, and in particular the MUAs do all the token tracking,
application, checking etc, so MUAs can revoke any previously granted
token as well. Humans don't need to.
If the secret required for encoding the consent token is shared with
upstream MTAs, they can execute the consent token checks (not
revoked) at receipt time. Or, for more slightly more paranoid
arrangements, the secret may be shared only with the LDA.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg