On Tue 02/Jul/2013 17:37:20 +0200 Michael Deutschmann wrote:
On Tue, 2 Jul 2013, Alessandro Vesely wrote:
(subject adjusted)
A sender using SRS would need to maintain a database of valid addresses.
[...] That's where EDSP can save the day.
That's off in the weeds. EDSP would not take any notice of i=, and is
not there to enhance SRS -- rather it's something of a competitor. (Both
try to make return path validation work in spite of forwarding.)
The point is what any of them might be useful for.
It has to be in the message content for DKIM to be applicable.
Core DKIM is only tasked with determining if a signature is genuine, not
if the signature is relevant. Therefore it doesn't matter if part of the
information EDSP uses to determine relevancy is out of band.
Yes, one just needs to maintain his own software to run it :-/
BTW, there is already a hack in how that's implemented, because they
used no l=0 tag. So, if the bounce they get has text/rfc822-headers
only, they have to "assume" that the body hash matches. Perhaps, they
reasoned that they can still verify the SRS hash, and that an assumed
but variable bh= is still better than the constant body hash specified
for l=0. Depending on what library they use, implementing that could be
as simple as checking the return code.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html