On Mon, Nov 14, 2016 at 5:53 PM, Martijn Grooten
<martijn(_at_)lapsedordinary(_dot_)net
wrote:
Finally, is there a reason the proposal doesn't sign the
canonicalized
list of recipients separately and add this signature as a separate
DKIM
tag? This could allow for a more smooth transition period.
Now that's an interesting idea.
Other than that it makes the proposal backwards-compatible, it also
gives some insight in possible replay attacks against DKIM. And it
allows a spam filter that uses DKIM to make more granular decisions,
e.g. "this looks like a replay attack, but the sender is a known list
server, so it's probably okay".
Yeah, so far I'm liking this idea even better than the original. I'll do
up a new version and see what it looks like.
-MSK
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html