Arvel Hathcock wrote:
? supporting multiple signatures on single messages
Humm... not sure about this one. If verifiers only supported a single
signature it would be wise for signers to strip out any existing
signatures before re-signing. That would cause the loss of
"potentially" useful data wouldn't it? But, come to think of it, old
signatures don't verify (otherwise, why resign the message at all)
There may be cases where an intermediary (e.g. MTA or mailing list)
which DKIM-signs its outgoing messages, will receive a DKIM-signed
message, e.g. if the MUA signed it (for MTA), or if the sending domain
signed it (for mailing list). In some of these cases, the original
signature may still provide additional useful information for the
recipient. Why should we exclude this? The only good answer I see if
simplicity, but I think determining that the complexity/functionality
tradeoff justifies excluding this should not be done at the chartering
phase, and requires fair evaluation.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
Visit my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame
_______________________________________________
ietf-dkim mailing list
http://dkim.org