On 8/2/06, Stephen Farrell <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
wrote:
Damon wrote:
> Does the DKIM verifier give a hoot about the other Recieved headers?
No (Assuming they're not signed, and the signer didn't prevent their
addition using the existing scheme in base.)
But so far verifiers don't care about whether there're one or two
or however many signatures either. My question was why additional
signatures are seen as so bad that you want to tell the verifier
to dislike them, but other trace headers are not bad enough to
need that.
As the sender whom signed the message, I want to tell the receiver to trust
mine and ignore (or dislike) the rest. I don't want anyone else to sign in
my place if I am the one signing.
Right? (forgive me I have just been able to follow the DKIM list as of very
lately.)
Basically, my concern is that this is extending SSP to cover
something (mail routing) that's not really part of DKIM.
I think the danger is in explicitly saying so. If it has an added benefit, I
wouldn't be trying to avoid bettering the inherent benefits if it does no
harm to the base.
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html