Re: [ietf-dkim] one more comment I forgot...

ietf-dkim

Re: [ietf-dkim] one more comment I forgot...

2006-01-13 06:42:48


Jim Fenton wrote:

That sounds like a good discussion when we get back to the -base draft.

I'm convinced that the verifier needs to treat broken signatures as if
they weren't there:

- If broken signatures are seen as better than the lack of a signature,
it's trivial to make one up.

- If broken signatures are seen as worse than the lack of a signature,
it will serve as a disincentive to signing messages:  potential signers
might not want to do so if they risk having their messages downgraded if
they pass through an MTA that breaks the signature (or through a mailing
list that does so).


Nicely put.

Stephen.

_______________________________________________
ietf-dkim mailing list
http://dkim.org

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[ietf-dkim] one more comment I forgot..., Stephen Farrell Re: [ietf-dkim] one more comment I forgot..., Douglas Otis RE: [ietf-dkim] one more comment I forgot..., Bill.Oxley Re: [ietf-dkim] one more comment I forgot..., Stephen Farrell Re: [ietf-dkim] one more comment I forgot..., Michael Thomas Re: [ietf-dkim] one more comment I forgot..., Douglas Otis Re: [ietf-dkim] one more comment I forgot..., Stephen Farrell Re: [ietf-dkim] one more comment I forgot..., Jim Fenton Re: [ietf-dkim] one more comment I forgot..., Stephen Farrell <= [ietf-dkim] Re: one more comment I forgot..., Frank Ellermann

Previous by Date:	Re: [ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt], Arvel Hathcock
Next by Date:	RE: [ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt], Hallam-Baker, Phillip
Previous by Thread:	Re: [ietf-dkim] one more comment I forgot..., Jim Fenton
Next by Thread:	[ietf-dkim] Re: one more comment I forgot..., Frank Ellermann
Indexes:	[Date] [Thread] [Top] [All Lists]