On May 2, 2006, at 11:30 AM, Jim Fenton wrote:
I don't think the wording "consider this signature invalid"
requires the verifier to consider a signature failure as "unsigned".
The state of being "unsigned" implies the message does not contain a
verifiable signature. Signature verification may fail when the
algorithm is unknown. Imposing a scheme where an invalid signature
affects the validity of other signatures may prohibit a means to
transition to newer algorithms.
Yes, as I said in http://article.gmane.org/gmane.ietf.dkim/1751, I
think one should consider failed signatures as if they aren't
there, but I'm not sure that's something to include in the -base
specification.
Some limit should bound the signature verification process, either by
a permitted number of signatures or a minimum number of verification
operations. A basic goal of ensuring compatibility seems to require
that some signature/verification limit be established.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html