On Jun 5, 2006, at 9:48 AM, Michael Thomas wrote:
Douglas Otis wrote:
On Jun 5, 2006, at 9:14 AM, Michael Thomas wrote:
Now 1287.
Wait a minute, hasn't this been discussed ad nauseum with the clear
consensus to leave this text in?
Do you have a reference to this discussion? The concern raised
is about the normative language in the -base draft regarding the
removal of signatures.
Yes, we've definitely had this conversation before.
It seems a growing portion of email content might become invalid
signatures.
I've seen exactly the opposite.
So the current practice is to not retain invalid signatures?
Such a strategy seems remarkably prescient.
Prior conversations related, mostly between Paul and yourself, was
in regard to an algorithm transition. These conversations did not
adequately cover many security related details. The details of
handing such a transition are still not clear, nor is it clear how a
prior invalid signature adds protection. The topic of DoS related
considerations or a growing invalid signature content is added by the
concern expressed as new territory.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html