ietf-dkim

Re: [ietf-dkim] dkim-base-01: 6.2 - DNS error

2006-04-21 18:06:48
Hector Santos wrote:
> ----- Original Message -----
> From: "Jim Fenton" <fenton(_at_)cisco(_dot_)com>
>
>> This points out another problem:  if a verifier defers verification or
>> acceptance of a given message, it SHOULD maintain enough state so that
>> the message may be accepted after some number of retries, so that
>> messages with key retrieval problems are not rejected entirely.
>
> Jim,
>
> Wouldn't that create a loophole?

If you mean, how would the verifier know how many deferrals are
acceptable, you're right that's a problem.  If the key can't
(permanently) be retrieved, it's a signature verification failure, and
not in general a reason to reject the message outright, so I don't
consider it to be a loophole in that sense.

-Jim
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
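
The deferral behaviour discussed in this thread, as an added Python sketch that is not part of the original messages or of any DKIM implementation: a verifier keeps per-message state so that temporary key-retrieval errors are deferred a bounded number of times, after which the message is treated as a signature verification failure rather than rejected. The names `DeferralTracker`, `KeyLookup`, `Disposition` and `replay`, and the limits `MAX_DEFERRALS` and `STATE_TTL`, are assumptions; the thread leaves the acceptable number of deferrals open.

```python
import time
from dataclasses import dataclass, field
from enum import Enum

class KeyLookup(Enum):
    FOUND = "found"
    TEMP_ERROR = "temp_error"   # e.g. DNS timeout or server failure
    PERM_ERROR = "perm_error"   # key can't (permanently) be retrieved

class Disposition(Enum):
    VERIFY = "verify"                        # key retrieved: go on to check the signature
    DEFER = "defer"                          # ask the sending MTA to retry later
    ACCEPT_UNVERIFIED = "accept_unverified"  # signature verification failure, not a rejection

MAX_DEFERRALS = 3          # assumption: the thread does not fix this number
STATE_TTL = 5 * 24 * 3600  # assumption: drop state for messages not retried in 5 days

@dataclass
class DeferralTracker:
    seen: dict = field(default_factory=dict)  # message key -> (deferral count, first seen)

    def decide(self, msg_key, lookup, now=None):
        now = time.time() if now is None else now
        # Expire stale entries so the state table cannot grow without bound.
        self.seen = {k: v for k, v in self.seen.items() if now - v[1] < STATE_TTL}
        if lookup is KeyLookup.FOUND:
            self.seen.pop(msg_key, None)
            return Disposition.VERIFY
        if lookup is KeyLookup.PERM_ERROR:
            self.seen.pop(msg_key, None)
            return Disposition.ACCEPT_UNVERIFIED
        count, first = self.seen.get(msg_key, (0, now))
        if count >= MAX_DEFERRALS:
            # Retry budget used up: stop deferring and treat as a failed signature.
            self.seen.pop(msg_key, None)
            return Disposition.ACCEPT_UNVERIFIED
        self.seen[msg_key] = (count + 1, first)
        return Disposition.DEFER

def replay(outcomes, msg_key="constructed-message-id"):
    """Run one message (constructed key) through successive delivery attempts."""
    tracker = DeferralTracker()
    return [tracker.decide(msg_key, o, now=1000.0 + i).name
            for i, o in enumerate(outcomes)]
```

Because the retry budget is bounded, a sender whose key server never answers ends up in the same place as one with no key at all: the message is handled as unsigned.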