Murray --
It sounds like what you really want to do is to cause b= to be unique. That
could be accomplished by just adding some hash-collision resistant number
of random bytes. Or you could use those random bytes directly, I suppose.
Mike
Murray S. Kucherawy wrote:
Douglas Otis wrote:
Verification results based upon an added header might be spoofed
when an MTAs is not configured to remove them. In addition, these
headers will not be reliably present until universally adopted,
perhaps many years from now. While the header might be removed
normally, there could also be backup paths where the header is once
again not removed.
The transport of the verification results to the MUA or other receiver
agent that actually makes decisions on acceptance/validity of a
message (discard, file, whatever) is outside of the scope of DKIM.
However, any such method will require a way to distinguish between
signatures that is better than "I'm talking about the third one", so
that's what I'm hoping to introduce here.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html