At 3:10 PM -0700 4/4/06, Michael Thomas wrote:
Signers MUST NOT remove any DKIM-Signature headers from messages
they are signing, even if they know that the headers cannot be
Is MUST NOT ok there, as opposed to SHOULD NOT? I seem to recall someone
wanting to be able to remove signatures to hide internal structure. Not
sure if that was on the list or not, and it does seem a little bit of a
corner case (one could in any case wriggle out of the problem by saying
it wasn't the signer that removed the sig, but it was some other bit of
code:-) No real opinion myself, just asking.
I copied this from Paul's original. I'm good either way, though
SHOULD seems more appropriate now.
The MUST NOT was there in the earlier proposal because the
association between p= and the headers was by hash values. This
proposal removes that, and MUST NOT is not needed. If we use "SHOULD
NOT", we need to say when it is OK to do it anyway. Proposal: "To
avoid deleting information that might be valuable to the recipient,
signers SHOULD NOT remove..."
NOTE WELL: This list operates according to