Dave,
Dave Crocker wrote:
1. The initial technical spec needs to allow replacing one signature
with another and it needs to allow multiple signatures. The rule for
DKIM-aware mediators replacing the signature probably should something
like "if you break it, you own it".
2. The behavior of additional signers for a message may need to be
relatively complex. Complexity requires effort to understand, before
writing it into a standard. So the details of this sort of behavior
needs to be deferred beyond the current scope of the working group.
In other words, this looks like an interesting an useful topic, but one
that does not need to be in the critical path of the current working
group effort, except for item 1, above.
I think I like this approach - keeping stuff off the critical path
to the extent possible, but I'm a bit unclear as to where the
suggested boundary is here. Maybe the answer to this questions will
help me out:
Does #1 above include specification of *a* way for a mailing list
to add its signature to an already signed message, s.t. there is a
chance that both signatures can verify at the end-recipient's MTA.
(I can imagine that there'll be variations on how to do this, but
I assume that any such variations would be off the critical path.)
Stephen.
_______________________________________________
ietf-dkim mailing list
http://dkim.org