ietf-dkim

Re: [ietf-dkim] Proposal: get rid of x=

2006-04-06 18:12:50
Is there *any* signature by way of its underlying credential that
doesn't have a lifetime?

No, but I don't see any reason that a sender has any great insight
into the likely transit time of a message or the useful lifetime of a
message signature.

DKIM is intended to have a transport duration lifetime, e.g. about
2 weeks.

Quite right.  So we should ditch x= and add a sentence saying that
recipients should ignore signatures older than the longest likely
transit time of a message, typically two weeks.

What states might those be?

Let's say message A has a signature that uses x= to set a lifetime of
five seconds, and message B has a signature that has a lifetime of
five years.  Have we learned anything useful about either message
other than that the people who signed them don't understand mail
transport very well?  What if the signature time and the expiration
time are equal, or it expires before it was signed?  Do either of
those mean anything?  What should a recipient do?

I can see why someone might want a feature analogous to the usenet
Expires: header to say that the contents of a message aren't
interesting past a given time, but that's not the semantics of x=.

R's,
John
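
An added example, not part of the original message: one way a verifier could apply the receiver-side age limit argued for above and classify the odd t=/x= combinations the message asks about. The verdict names, the choice to treat x= at or before t= as malformed, and the sample header are assumptions; t= is DKIM's signature timestamp tag.

```python
import re

TWO_WEEKS = 14 * 24 * 3600  # receiver-side ceiling; the figure comes from the message above

def parse_tags(header_value):
    """Split a DKIM-Signature header value into a dict of tag -> value."""
    tags = {}
    for part in header_value.split(";"):
        name, sep, value = part.partition("=")
        if sep:
            # Header folding can leave whitespace inside values; drop it.
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def _seconds(tags, name):
    """Return the tag as an integer timestamp, or None if absent or not decimal."""
    value = tags.get(name, "")
    return int(value) if re.fullmatch(r"[0-9]+", value) else None

def assess_timing(header_value, now, max_age=TWO_WEEKS):
    """Classify a signature by its t= and x= tags only (no crypto is checked)."""
    tags = parse_tags(header_value)
    signed, expires = _seconds(tags, "t"), _seconds(tags, "x")
    if signed is None:
        return "no-timestamp"
    if expires is not None and expires <= signed:
        return "malformed"   # expires at or before it was signed (assumed policy)
    if expires is not None and now > expires:
        return "expired"     # the signer's own x= has passed
    if now - signed > max_age:
        return "stale"       # receiver policy, applied whatever x= claims
    return "fresh"

def sample_signature(t, x=None):
    """Constructed sample header value; domain, selector and hashes are placeholders."""
    value = f"v=1; a=rsa-sha256; d=example.org; s=sel1; t={t}; bh=PLACEHOLDER; b=PLACEHOLDER"
    return value if x is None else value + f"; x={x}"

if __name__ == "__main__":
    now = 1144347170  # constructed "current time"
    for t, x in [(now - 60, now - 55), (now - 30 * 86400, now + 5 * 365 * 86400),
                 (now - 10, now - 10), (now - 3600, None)]:
        print(t, x, assess_timing(sample_signature(t, x), now))
```

With the receiver-side limit in place, the five-year x= changes nothing: that signature is judged stale on its t= alone.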

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html