----- Original Message -----
From: "Earl Hood" <earl(_at_)earlhood(_dot_)com>
To: <ietf-dkim(_at_)mipassoc(_dot_)org>
On October 19, 2005 at 15:13, "Hector Santos" wrote:
1) The signer can use the z= tags to save the header signing data.
Unfortunately, the verification algorithm, as it is currently designed,
does nothing with z=. I think z= needs to be reconsidered, as
I have noted awhile back (probably on ietf-mailsig).
An implementator can add a quick loop to check the z= headers against the
actual headers, as we did, as part of a diagnostic reporter to find out
where there would be early integrity. In other words, if Z= is present,
then it must match existing headers. If not.....
"msg #123343434: Warning, DKIM integrity failure: Subject line"
Anyway, I think the positives outweigh the negatives.
It seems that a mailing list that mucks with a message is a good
test case for how DKIM survives, or addresses, such behavior.
This is where the challenge is, not with lists that just re-direct
messages without alteration (except maybe the addition of trace
fields and List-* fields).
As I said, if this was intentional to help promote DKIM problem solving,
then all fine by me. I suspected these list admin had good reasons. <g>
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
ietf-dkim mailing list
http://dkim.org