It is just that they do not provide `full`
DKIM, but `only` DKIM without replay protection (class 2)
Amir,
I'm a bit confused.
Please cite the documentation that distinguishes "full" DKIM from "class 2"
DKIM. I have never heard this distinction before.
I thought that there was exactly one DKIM and that it provided a single
mechanism for authenticating an identity associated with a message body and
selected RFC2822 headers.
I do not recall DKIM's pursuing the topic of replay, except to protect against
someone modifying an authenticated message and resending it. (That is,
fraudulent content, rather than merely re-sending the same, validated content
to
new addresses.)
DKIM clearly does not protect against re-sending to different RFC2921.rcpt-to
headers.
So I'm quite confused about the nature of this thread, since it seems to go
considerably beyond the stated goals and capabilities of DKIM.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim