Well, the issue is that if, say with the above example, signer #3
signs the other three signature headers, and then the next hop
re-orders them, the verifier can still figure out which records signed
which others.
So what?
So the signature can survive the reordering; it's essentially a helper
for canonicalization.
I'm not suggesting it's critical, only that it was suggested, that we
had no further discussion on it, and that it's an alternative to Paul's
proposal and should be discussed together with it.
Barry
--
Barry Leiba, Pervasive Computing Technology
(leiba(_at_)watson(_dot_)ibm(_dot_)com)
http://www.research.ibm.com/people/l/leiba
http://www.research.ibm.com/spam
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html