Folks,
If the list does sufficient damage to the message that any incoming
...
And that assumes the original signature doesn't contain some future option
that the list doesn't know about - such as a variant l=.
So the actual rules would need to be:
If original verifies
and if I think I've modified badly...
Mark's note demonstrates two things to me that suggest strategic guidance for
the working group:
1. The initial technical spec needs to allow replacing one signature with
another and it needs to allow multiple signatures. The rule for DKIM-aware
mediators replacing the signature probably should something like "if you break
it, you own it".
2. The behavior of additional signers for a message may need to be relatively
complex. Complexity requires effort to understand, before writing it into a
standard. So the details of this sort of behavior needs to be deferred beyond
the current scope of the working group.
In other words, this looks like an interesting an useful topic, but one that
does not need to be in the critical path of the current working group effort,
except for item 1, above.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
ietf-dkim mailing list
http://dkim.org