Mark Delany wrote:
On Mon, Jan 23, 2006 at 11:23:15PM -0800, Jim Fenton allegedly wrote:
If the list does sufficient damage to the message that any incoming
signature is invalid, it might as well throw away the original
signature.
Except for the forensic value, which is, in my experience,
valuable.
How does the list know for sure? The only sure way is if it attempts
to re-verify the original signature after applying it's own
modifications.
And that assumes the original signature doesn't contain some future option
that the list doesn't know about - such as a variant l=.
So the actual rules would need to be:
If original verifies
and if I think I've modified badly
and if I understand all tags in the original sig/selector
re-verify list output to see if original sig now fails
then if re-verify fails
remove the original signature
If a list isn't fastidious about these checks then it risks removing a
"still-valid" signature because it thinks the modifications were
invalidating.
Right. Seems like an awful lot of work for <= 0 gain. The mantra
here should be "a broken signature are equivalent to no signature"
and resist this impulse to tidy up the message.
Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org