Dave Crocker wrote:
I would be surprised though if the result for the signature construct
(which may be a bit of a special case here) didn't have the "best"
security option as the MUST-implement, even if it has the legacy
signature construct as a MAY-emit. But we'll see when we get there...
Just to be obsessively careful, here: Having one choice as a MUST and
another as a MAY would seem to be mutually exclusive, if only one choice
is allowed.
I said MUST-implement and MAY-emit - seems to me to be entirely
possible, but you would have to choose for each signing operation
of course.
Hence the implication of your expectation is that all recipients will be
required to support multiple signatures...
Not sure I get you there. If you mean that a single message could
have both new and legacy signatures present then I guess that's
possible, but if so then recipients can choose which they support.
If you mean something else I'm not sure what.
Stephen.
_______________________________________________
ietf-dkim mailing list
http://dkim.org