----- Original Message -----
From: "Stephen Farrell" <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
So, in an attempt to move towards that, let me
try to ask for opinions on this discrete part of
the issue: When an n-th signature(*) is added by
some signer, does that mean:
a) I take independent responsibility for having
sent/fowarded (the bits of) this email (that I've
signed), or,
b) Me too, whatever that previous good signer
meant - it's not gotten worse.
I think I'd personally design different mechanisms
for each, but then maybe that's just me. Anyway,
which signer perception ought we be trying to
represent, and does the verifier care in any case?
I think it depends on your "Verifier" the guys who have to make the decision
with all the junk coming into the system how it will view it.
Sorry if I confuse the issue, but I just don't get it.
Are we suppose to turn a blind eye to the quality of the message and just
look at who is responsible? If so, then who cares what the message quality
is as long as it comes from a "good person."
I just don't understand how to read your limited options. But if I try to
understand, I think, the answer is B because Eric Allman's DKIM verification
algorithm is to declare the message DKIM verified (VALID) if atleast 1
signature is valid. If so, therefore the answer is closer to B.
If the answer is A like Dave believe it should be, yet no semantics and
rules applies, then how can you assign responsibility? You need some kind
of interpretation if you wish to assign responsibility.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html