--On 15 October 2010 11:53:51 -0400 Dave CROCKER <dhc(_at_)dcrocker(_dot_)net>
On 10/15/2010 11:40 AM, Mark Delany wrote:
Well, if you want to introduce semantic changes why not just change
the meaning of h=from:to: to be semantically identical to
This would mean that it is /never/ ok to add a listed header field after
signing. Adding would /always/ break the signature.
I assumed that the proposal applied only to headers rfc5322 says cannot be
duplicated. This is almost the same as saying that non-compliant messages
MUST not verify, but more explicit, and therefore more helpful to
implementers of verification code.
That's a very powerful semantic change.
Not particularly, if these messages are already not supposed to verify.
I've no idea that it's completely safe. It seems like it ought to be,
but I worry about corner cases.
ps. I would expect such a semantic change to require re-cycling the spec
IT Services, University of Sussex
For new support requests, see http://www.sussex.ac.uk/its/help/
NOTE WELL: This list operates according to