Paul Hoffman wrote:
> Revised to:
>
> - remove verification passthrough
> - change the canonicalization to what is being used anyway
> - removed the ordering requirement
> - softened the wording about bid-down attack
It would be nice if you responded to my initial post on this subject.
But in particular:
> p= Earlier signatures (plain-text; REQUIRED
I have no idea why this merits even a SHOULD let alone a REQUIRED.
The rationale makes a pretty big leap from needing to have multiple
signatures to needing this new required functionality. As far as I
recall, nobody's answered why it's needed, let alone mandatory.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html