On Fri, Mar 21, 2025 at 2:43 AM Tim via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > On Fri, 2025-03-21 at 16:26 +1030, Tim via users wrote: > > On a whim, I picked "unclassified" for this reply, to see what it does, > > and if it makes it through the list server. > > It came through the list with the header. > > However, if I reply to such a classified (of some kind) message, the > reply will not have the security header unless I deliberately add one > while replying. And you'd be unaware of this when replying. > > C minus, needs more thought. Not copying previous headers is usually a good strategy. Consider the case of the Expires: header in marketing email,[1] indicating when a message should be hidden by the UA or deleted by the server. You would not want a reply to be hidden based on an old Expires: header. And a more interesting use case (to me)... what happens when a sender's UA specifies one Security: header, and the receiver's server adds a different Security: header? What does the receiver's UA display? [1] <https://mailarchive.ietf.org/arch/msg/mailmaint/MgtSuOJFfgWbTFuAZjGwXNDMcqo/> Jeff -- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
