On Apr 12, 2006, at 12:56 PM, Murray S. Kucherawy wrote:
If the "f=" tag is absent, a verifier can infer its value by using
the first four bytes of the actual (i.e. base64-decoded) "bh" tag's
value when describing its results to receivers. However, since the
base64-decoded version of the "bh" tag is not easily visible upon
simple header inspection, signers SHOULD add this tag for clarity.
What happens when these values are not unique? Would these values
increase in size until they are unique? The "bh" tag could easily be
the same for multiple signatures, which would make this a poor choice.
Verification results based upon an added header might be spoofed when
an MTAs is not configured to remove them. In addition, these headers
will not be reliably present until universally adopted, perhaps many
years from now. While the header might be removed normally, there
could also be backup paths where the header is once again not removed.
Adding another signature at the MDA can include an extension that
lists verified signatures within the signature header itself, as that
would be its sole purpose. This approach can dispel concerns about
who is being trusted when accepting second-hand verification
results. If a verification header is bound to a signature, it could
be assumed to have been added by the MDA. Any message being re-
submitted should remove both the verification header _and_ the
accompanying signature.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html