----- Original Message -----
From: "Michael Thomas" <mike(_at_)mtcc(_dot_)com>
To: "Paul Hoffman" <phoffman(_at_)proper(_dot_)com>
If MUAs are not supposed to be validating messages, then we
need to change the -base spec in many places.
You can't have both ways: either signatures are valid essentially
forever -- which is what would be required for MUA's to reliably
validate signatures -- or they aren't. MUA's that happen to be
able to read the message within "transport" time are perfectly at
liberty to validate messages -- no restrictions at all. But that's
a much different proposition than saying that they will be able to
validate them whenever they get around to reading them. That is not
the problem we set off trying to solve.
You can have it both ways with the proposed change to
use the message reception time:
dynamic verification -> msg reception time = current time
delayed verification -> msg reception time = 2822.Received: time
This resolves the question on whether the expiration tag may be used to
invalidate an already stored message based on the current time.
See
http://mipassoc.org/pipermail/ietf-dkim/2006q2/003134.html
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html