Alessandro Vesely wrote:
I see these generic possibilities:
First party Example:
From: user(_at_)example(_dot_)com
DKIM-Required: example.com
DKIM-Signature: d=example.com h="From:DKIM-Required"
Yes, that's possible, but seems useless. What I've been thinking about is
From: user(_at_)example(_dot_)com
DKIM-Required: list.example
DKIM-Signature: d=example.com h="From:DKIM-Required"
If it were agreed that a signature may be not valid unless
countersigned by the recipient, the risk of replay attacks would be
greatly diminished.
So in the above, the originating message author is telling the world
that the domain list.example is expected to resign? so it ends up
like this?
From: user(_at_)example(_dot_)com
DKIM-Required: list.example
X-DKIM-Signature: d=example.com h="From:DKIM-Required"
DKIM-Signature: d=list.example.com h="From:DKIM-Required"
X-DKIM-Signature means that it was stripped and/or nullified in the
in distribution. Illustrated above to show there was a change.
Am I reading your proposal correct here?
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html