ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] list config, was Admilistrivia question

2005-10-19 18:35:37

----- Original Message -----
From: "Earl Hood" <earl(_at_)earlhood(_dot_)com>
To: <ietf-dkim(_at_)mipassoc(_dot_)org>

On October 19, 2005 at 15:13, "Hector Santos" wrote:

1) The signer can use the z= tags to save the header signing data.

Unfortunately, the verification algorithm, as it is currently designed,
does nothing with z=.  I think z= needs to be reconsidered, as
I have noted awhile back (probably on ietf-mailsig).

An implementator can add a quick loop to check the z= headers against the
actual headers, as we did, as part of a diagnostic reporter to find out
where there would be early integrity.   In other words, if Z=  is present,
then it must match existing headers. If not.....

     "msg #123343434: Warning, DKIM integrity failure: Subject line"

Anyway, I think the positives outweigh the negatives.

It seems that a mailing list that mucks with a message is a good
test case for how DKIM survives, or addresses, such behavior.
This is where the challenge is, not with lists that just re-direct
messages without alteration (except maybe the addition of trace
fields and List-* fields).

As I said, if this was intentional to help promote DKIM problem solving,
then all fine by me.  I suspected these list admin had good reasons. <g>

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com



_______________________________________________
ietf-dkim mailing list
http://dkim.org