On Oct 15, 2010, at 9:50 AM, Murray S. Kucherawy wrote:
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles
Sent: Friday, October 15, 2010 7:30 AM
Subject: Re: [ietf-dkim] detecting header mutations after signing
And if we are not going to fix ADSP (yet), then the only way we can stop
that particular exploit is to fix DKIM.
Arguing that "ADSP is a completely separate discussion" will achieve
If that's consensus, then we're on the slippery slope of "fixing" DKIM to
deal with flaws at all layers above it. And we'll never be done.
Any bug fixes for ADSP need to be done at the ADSP level.
If there's a bug that needs fixing at the DKIM level then if
should be something that clearly needs fixing based on
DKIM usage. (And I think that the very narrow case of
messages that violate 5322 through multiple headers
*may* be such, but any justification of that relying on ADSP
NOTE WELL: This list operates according to