Sorry for replying to myself, I was in a hurry....
On Sat 26/May/2012 10:57:46 +0200 I wrote:
Second, for XXX, I'd suggest updating RFC 5451 and extend it as
appropriate.
A question is that the client-added header field should be signed in
order to be considered reliable. This wouldn't be a problem, in
principle. However, that's not how DKIM is usually implemented.
(Otherwise, it wouldn't be problematic to learn whether the server
supports 8bitmime or smtputf8.)
Are there use cases where delivery /has/ to be secure? Courier-MTA
sports a "SECURITY" extension that does so [*]. But even in that
case, having a signed field is quite complicated. Perhaps, DKIM
signers should have a sign-again parameter that directs them to undo
the signing they just did (the sending client just has to notice it)
and redo it on a slightly varied message --quite inefficient.
[*] http://www.courier-mta.org/draft-varshavchik-security-smtpext.txt