[ietf-dkim] When i= domain != d= domain

,---
| d= The domain of the signing entity (plain-text; REQUIRED).  This
|    is the domain that will be queried for the public key.  This
|    domain MUST be the same as or a parent domain of the "i=" tag
|    (the signing identity, as described below).  When presented with
|    a signature that does not meet this requirement, verifiers MUST
|    either ignore the signature or reject the message.
'___

: d= The domain of the signing entity (plain-text; REQUIRED).  This
:    is the domain that will be queried for the public key.  This
:    domain MUST be the same as or a parent domain of the "i=" tag
:    (the signing identity, as described below).  When presented with
:    a signature that does not meet this requirement, verifiers MUST
:    consider the signature invalid.

Rather than suggesting the remedy of ignoring or rejecting themessage, the signature should be defined as invalid. Perhaps thisrepresents some future version of the DKIM protocol, where a backwardcompatible signature may also be present. It seems defining thestate of the signature rather than possible remedies would be moreuseful.


-Doug






_______________________________________________

NOTE WELL: This list operates according tohttp://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] Notes from DKIM jabber meeting on 20 April 2006, Jon Callas

Next by Date:

Re: [ietf-dkim] When i= domain != d= domain, Paul Hoffman

Previous by Thread:

[ietf-dkim] Binary algorithms and algorithm spoofing during a transition., Douglas Otis

Next by Thread:

Re: [ietf-dkim] When i= domain != d= domain, Paul Hoffman

Indexes:

[Date] [Thread] [Top] [All Lists]