Hector Santos wrote:
Steve, I posted my proposed change hopefully satisfying some other spec's
issues.
I saw that - thanks.
But I do have a few comments with your text:
Verifiers SHOULD support checking of x= values.
I think this must be a MUST. In my view, this is risking malpractice and
product liability problems if a domain has exclusively expressed an
expiration and it is not honored by the verifier. If there are any harm or
damages some some entity (user or domain), this is subject for action
(asking for trouble.) I don't think I am off base with this opinion,
especially when there is such a strong DKIM charter of establish domain
responsibility and reputation stake.
REQUIRING that the verifer honour the sender's wishes is
tricky in general and a MUST there is getting close to that,
as you say.
And I've seen no example of any actual harm that might accrue.
But whatever the consensus is...so long as we get there quickly!
INFORMATIVE NOTES:
2) There is no real point in including a nonsense value in
this tag - if the signer has no reason to include any
particular value then this tag is better omitted.
I don't think this information notes is necessary. I think covered it with
the 3rd note.
Sure, only put it in 'cause of all the 2038 type dates you see in
X.509. It may be overkill, but OTOH...
S.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html