ietf-dkim

Re: [ietf-dkim] Re: dkim service

2005-10-13 21:11:07
John Levine wrote:

What I am mostly seeing here is that we don't have a clear model of
the ways that people will use multiple signatures.  Let's say your
message has three sigs from Able, Baker, and Charlie (in that order if
you care about order.)  Able and Charlie verify, Baker doesn't.  Now
what do you do?

I have come to the conclusion that you just need to behave as if Baker isn't there at all. If you treat the message more favorably, people will insert bogus signatures to make that happen. If you treat the message less favorably, you risk penalizing a message that got modified in transit, or in this case possibly signed by a defective intermediary.

-Jim
_______________________________________________
ietf-dkim mailing list
http://dkim.org
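
The Able/Baker/Charlie case from the message above, scored under three verifier policies, as an added Python example that is not part of the original thread. The domain names, reputation values and penalty are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SigResult:
    signer: str     # signing identity claimed by the signature (constructed names)
    verified: bool  # True only if the signature verified

# Constructed local reputation table (hypothetical values, not from the thread).
REPUTATION = {"able.example": 2, "baker.example": 5, "charlie.example": 1}

def score_ignore_failed(results):
    """Policy argued for in the reply: a failed signature counts as absent."""
    return sum(REPUTATION.get(r.signer, 0) for r in results if r.verified)

def score_reward_any(results):
    """Flawed: credits the claimed signer even when verification failed."""
    return sum(REPUTATION.get(r.signer, 0) for r in results)

def score_penalize_failed(results, penalty=3):
    """Flawed: subtracts points for every signature that fails to verify."""
    failed = sum(1 for r in results if not r.verified)
    return score_ignore_failed(results) - penalty * failed

def compare():
    """Score the same message without, and with, a non-verifying Baker signature."""
    without_baker = [SigResult("able.example", True),
                     SigResult("charlie.example", True)]
    with_broken_baker = [SigResult("able.example", True),
                         SigResult("baker.example", False),
                         SigResult("charlie.example", True)]
    policies = {
        "ignore_failed": score_ignore_failed,
        "reward_any": score_reward_any,
        "penalize_failed": score_penalize_failed,
    }
    return {name: (fn(without_baker), fn(with_broken_baker))
            for name, fn in policies.items()}

if __name__ == "__main__":
    for name, (base, broken) in compare().items():
        print(f"{name:16} without Baker={base}  with failed Baker={broken}")
```

Only the first policy gives the same score whether or not the failed Baker signature is present, so neither inserting a bogus signature nor breaking one in transit changes how the message is treated.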