On August 17, 2005 at 00:25, "Hector Santos" wrote:
Based on what I see in one of Michael Thomas's signed DKIM messages, it
looks like the fields are:
Authentication-Results: signer domain;
header.from=address;
` dkim=PASS|FAIL|NEUTRAL?;
(comment)
Is this defined somewhere?
Not in detail. The DKIM draft just says to use Authentication-Results.
But some have raised concerns that Authentication-Results is not
sufficient.
I raised the idea of having status codes so results can be more
granular, allowing for better decision making processes downstream.
What has not be discussed is what about multiple signatures.
Are there multiple result fields?
What about attempts to spoof the result fields? If a DKIM verifier
sees a results field, should it remove it to avoid spoof attempts?
A verifier may want to sign the results field, allowing for downstream
verifiers to verify the integrity of the validation.
--ewh
_______________________________________________
ietf-dkim mailing list
http://dkim.org