On 12/25/22 03:37, George Michaelson wrote:
If an expires: field was included in a dkim signature would it alter
how you felt about it?
I understand your opposition due to risks of misapplication, I'm
asking if authenticity plays any role in this.
Eg if dkim signed and date is after submission date, then I feel
differently to signed with an expires header in the past even when
sent. The first is a reasonable statement made by a sender. The second
can't really to be.
Not sure of whom you're asking the question, and I'd have to see the
details worked out before I came to a conclusion. But I suspect there
might be a way to use DKIM (or for that matter S/MIME and/or PGPMIME) in
such a way as to address some of my concerns about Expires.
(The devil is in the details, and authentication isn't the only
problem. But it is one problem.)
Keith
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
