On Mon, Nov 14, 2016 at 4:37 PM, Scott Kitterman
<ietf-dkim(_at_)kitterman(_dot_)com>
wrote:
Doesn't that presuppose point-to-point handling? The proposal here
doesn't.
Your proposal breaks all non-point-to-point handling, if I understand it
correctly, so whether you make DKIM signatures non-forwardable or do it in
DMARC policy, it's the same end result.
How does it break all non-point-to-point handling? It does break if the
envelope has to change, but that's not what I think of when you say
"point-to-point"; it makes me think of mail from A to C that happens to
transit B, which should survive just fine.
I think your pushing a substantial change to DKIM and to the extent this
is a reasonable problem to solve, DKIM isn't the right layer in the email
authentication stack to do it.
Ah, yes, that's a plausible argument.
I think the solution to "I have a problem that results when I sign spam"
is "don't do that", not the entire community turns on its head to work
around someone's local configuration problems.
Yes, I agree that's the preferable solution. It sounds as if there are
some operators (well, at least one, I think) that are having a problem for
which "don't do that" is an expensive solution, and a question has been
posed about the possible existence of an easy, incremental protocol
solution for it. It's fine if the answer is "no", but I'd like to have the
discussion without prematurely slamming any doors.
-MSK
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html