On Sat, 2004-12-04 at 10:16, Dave Crocker wrote:
On Tue, 30 Nov 2004 09:45:19 -0800, Douglas Otis wrote:
Requiring those that make changes to resign the message does ensure this
process identifies those accountable. A header could be included to
allow signature validation to be cascaded.
Checking to see whether I understand your point:
A message may have at most one mass signature in effect at any one time.
However there may be multiple headers documenting validation of the
signature, such as by a receive-side border MTA and by the MDA.
As mail is received by the MDA, an mda-verification header is generated,
but this header is not allowed to exist within a message passed through
the Internet. This header is not included within the message's
signature, so this Internet exclusion is intended to protect the
header's integrity on the basis that the MDA is trusted and the sole
source for this header seen by the MUA. This affords the MUA the MDA's
This scheme would normally result in a single verification header. For
mail forwarded, the source of the initial verification should be
documented, and this involves a verification header that is intended to
be passed through the Internet and included within the resigning.
(Swapping a header name should be all that is needed.) The MSA would
simply rename the existing mda-verification header as a
pass-through-verification header. (This process should over-write an
existing pass-through-verification header.) Without over-writing, it
could become a mess otherwise.
This approach should work well for a majority of situations where a
message is modified and reissued, as example within a list server. This
pass-through-verification header documents the accountable element of
the verification used when the message was accepted into the mail
channel. If there is a problem, having this information would be useful
I see at least three independent documents-
1) channel signature
2) verification headers (should encompass all MDA level validations)
3) message state (diagnostic tool for the channel signatures)