Why would one care at all about when a sig was signed? A sig will either
pass muster or fail, if passed t=$date < curr_date raises a question of
expiration for the verifier. Obtaining the actual timestamp of when the
message was actually signed doesn't have much value for me.
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Mark Delany
Sent: Tuesday, April 11, 2006 1:07 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Proposal: get rid of x=
On Mon, Apr 10, 2006 at 09:11:53PM -0700, Dave Crocker allegedly wrote:
John R Levine wrote:
Without t= we have no idea when a message was signed, since there's
no
particular reason that the Date: header has to contain the current
date,
or even that there be one.
And -- just to quibble a bit, but in a *nice* way -- it would not
matter
even if it did contain the "current" date.
The Date field specifies the time of posting.
Signing might take place at any time after that (or even before that.)
So, color me slow. We know for sure that signing happened in the
past. What specific value do we place on how far in the past that
signing occurred? What code do I write to test that specific value and
what do you recommend that a verifier do with such knowledge?
Mark.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html