I don't see why the recipient would have any better idea than the sender
on whether the transit time is acceptable.
Because a recipient has the message after the transit has actually
happened, and knows about the way his mail gets delivered and read.
Assume, for example, someone who uses a verifier in his MUA and only reads
his mail once a week. A sender signs and sends a message on Monday with a
one-day x= value, it's delivered ten seconds later and spends four days
sitting in his mailbox. When our user reads his mail on Friday, is he
allowed to verify it? To me the answer is obviously yes. How do you
handle that with x= ? Do you interpret the x= value as of some past time
when the mail was placed in a stable place? Tell him tough luck, he's not
allowed to use DKIM unless he reads his mail more often? I don't know how
to write rules that would handle every possible recipient scenario, and
neither does anyone else, so it's nuts to try. It's the same reason that
the SMTP RFCs don't try and set fixed retry or timeout values, only
guidelines.
I prefer x= over extrapolation of t= because it gives the verifier a
simple, objective test to see whether the signature is "stale".
This is the confusion of precision and accuracy. Just because a sender
can set a x= value doesn't make it meaningful. If you want a simple,
objective test, t= plus 603763 seconds is just as objective, but perhaps
more obviously not useful.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet for
Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html