@techreport{kucherawy-dkim-rcpts-01,
    number =    {draft-kucherawy-dkim-rcpts-01},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-kucherawy-dkim-rcpts/01/},
    author =    {Murray Kucherawy},
    title =     {{Including Recipients in DKIM Signatures}},
    pagetotal = 8,
    year =      2016,
    month =     nov,
    day =       15,
    abstract =  {The DomainKeys Identified Mail (DKIM) protocol applies a domain-level cryptographic signature to an e-mail message. DKIM only guarantees authenticity of the message content and does not consider the message envelope. This allows for replay attacks by recycling a signed message with an arbitrary new set of recipients. This document presents a protocol extension that can include original envelope information in the signature data, so that an altered that information renders the signature invalid.},
}