On 7/23/2012 8:20 AM, Murray S. Kucherawy wrote:
On Mon, Jul 23, 2012 at 7:28 AM, Dave Crocker <dhc(_at_)dcrocker(_dot_)net
Here are two small tweaks that might correct things:
y This domain is testing DKIM. Verifiers MUST NOT treat
from Signers in testing mode differently from unsigned email.
This covers both successful and failed verification.
Verifiers MAY wish to track and report testing mode results to
assist the Signer.
This isn't quite right, I think. For a signed message that verifies, a
negative reputation should still be considered applicable. A positive
one should not. That's not equivalent to unsigned.
Verification doesn't matter.
Again, the current normative text is straightforward and reads:
"Verifiers MUST NOT treat messages from Signers in testing mode
differently from unsigned email,..."
That's an absolute. It's does not depend upon whether the signature
validated or didn't validate. It says that the processing of the
signature is not to affect the handling behavior.
All I did with the modifications is to add some brute force assurance
that the reader will not misinterpret or miss criteria or implications.
The changes do not change the existing semantics.
NOTE WELL: This list operates according to