On Tue, 26 Dec 2006 11:21:09 -0500 DKIM Chair
<leiba(_at_)watson(_dot_)ibm(_dot_)com> wrote:
In discussions with the IESG to sort through their "discuss" comments,
I had a talk with Lisa Dusseault, and she had one point that I want to
bring back to the mailing list: I don't think we considered, in our
discussions of multiple signatures, multiple *linked* signatures, which
could work TOGETHER to convey information, and the protocol doesn't
allow that sort of thing. The way dkim-base is set up, I don't think
this could easily be added as an extension, and it'd be a significant
change at this point. Here's the concept:
* Signer puts on two signatures (maybe as two header records, maybe as
one that contains two sigs).
* One of the signatures has minimal scope, maybe signing only "from:",
with l=0.
* The other signature covers as much of the message as possible... most
headers, all the boby.
* The two signatures work together. If one verifies and the other
doesn't, the verifier can consider what was changed in the message, and
possibly use that information to deal with mailing list modifications
or whatnot.
One way this might be used is to have one signature that covers the
subject header and one that doesn't, to allow the verifier to detect a
subject change and decide whether it's OK. As the spec is now, the
verifier would just find the one signature (that doesn't cover the
subject) that works, and use that, not considering the other.
This seems quite simple to me. If the domain owner doesn't care about
protecting headers, they should not sign them. If they care about
protecting headers from being modified, they should sign them.
The presence of a failed signature shouldn't affect processing. Treating a
failed signature as anything other than no sognature seems a poor practice
to me.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html