From: John Levine [mailto:johnl(_at_)iecc(_dot_)com]
Subject: Re: [ietf-dkim] Base issue: multiple linked signatures
Verifiers MUST NOT use the header field names or copied values
for checking the signature in any way. Copied header field
values are for diagnostic use only.
1) This condition is ACTUALLY REQUIRED for interoperation?
Well, yeah. If the verifier is a separate module from the
one that sorts mail based on the verification result, the
sorter is going to act differently with results from a strict
verifier vs. a squidgy one.
Delivering a different result is not the same as incompatibility.
Is a signature verifier going to generate a result that is less likely to
correctly reflect the authenticity of the message?
2) This condition limits actual HARM?
If we consider unwittingly accepting mail with bad signatures
as harm, yes.
This is an overt act that the recipient chooses to take.
Protection from an unwitting action is not justification for prohibiting taking
the action with full knowledge. The point of SHOULD is to provide that
knowledge.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html