John Levine wrote:
> I took another look, and I see I didn't realize this section
> is just about signers, not about forwarders, so:
>
> I suggest we change the last sentence of section 4 to:
>
>    Signers SHOULD NOT remove any DKIM-Signature header fields from
>    messages they are signing, even if they are unable to verify
>    those signatures.
>
> Then perhaps add an informative note:
>
>    INFORMATIVE NOTE: A message forwarder may remove DKIM-Signature
>    header fields if it modifies a message in a way that makes it
>    implausible that a subsequent verifier could verify the
>    signature, e.g., if it reorders the MIME parts in a message
>    or flattens an HTML message to plain text.

What does "implausible" mean? And I disagree about this in general;
the forensics of signatures are as worthwhile as the ultimately unverifiable
received headers which no RFC suggests that you remove.
Mike