Jim Fenton wrote:
Eric Allman wrote:
My only concern is to ensure we're not prescriptive to a
verifier. Anywhere we say "reject" probably should be changed to
"treat as unsigned" as long as there is no implication one way or
the other as to what a verifier does with that "is verified" or "is
not verified" knowledge.

At some level I agree with you. But saying "treat as unsigned" is
just as prescriptive as "reject" --- either is telling the verifier
what to do. As a verifier, I may want to just outright reject all
messages that have unsigned content. It's probably not a good idea,
but someone somewhere will want to do it someday.

"Treat as unsigned" seems a little ambiguous when there might be
multiple signatures. It might be interpreted as "treat the message as
though it is completely unsigned" as opposed to "consider this signature
invalid" which I think is your intent.

I'm a little confused by Eric's previous mail on what he was going to do,
but "ignore the signature [as invalid]" seems to convey the intent here,
falling into the trap you're referring to.