ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Re: dkim-base-01 nits and semi-nits

2006-05-01 18:24:56
Jim Fenton wrote:

Eric Allman wrote:
My only concern is to ensure we're not prescriptive to a
verifier. Anywhere we say "reject" probably should be changed to
"treat as unsigned" as long as there is no implication one way or
the other as to what a verifier does with that "is verified" or "is
not verified" knowledge.
At some level I agree with you.  But saying "treat as unsigned" is
just as prescriptive as "reject" --- either is telling the verifier
what to do.  As a verifier, I may want to just outright reject all
messages that have unsigned content.  It's probably not a good idea,
but someone somewhere will want to do it someday.
"Treat as unsigned" seems a little ambiguous when there might be
multiple signatures.  It might be interpreted as "treat the message as
though it is completely unsigned" as opposed to "consider this signature
invalid" which I think is your intent.
I'm a little confused by Eric's previous mail on what he was going to do,
but "ignore the signature [as invalid]" seems to convey the intent here, without
falling into the trap you're referring to.

      Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html