Steve Atkins wrote:
On Nov 9, 2007, at 5:29 AM, Hector Santos wrote:
Charles Lindsey wrote:
Surely, t=y will be used in one of two scenarios:
1. Someone is intending to roll out DKIM, and is trying it out. He is
not sure whether he has implemented it right, so it may fail.
But in that case there will be no SSP record, or if there is one it
will say "we do not sign (yet)".
2. An existing DKIM user is rolling out a new algorithm. As before,
he may get it wrong and the signatures may fail.
That might be GOOD GUY scenarios. How about the EXPLOITED scenarios?
With those two provisos, the existing rule, to ignore any failed t=y
signature (as though there had been no signature) makes perfectly
good sense.
hahahahahaha. :-) Sorry. I just don't see how its not seen that what
you think is GOOD can also be BAD. :-)
That you do not understand that a DKIM message only has two states -
validly signed or not signed - and continue to use that ignorance to
waste time in this forum isn't a laughing matter.
Please behave professionally and constructively or be quiet and let
others work.
I think I have been extremely professional and constructive. Whether
you choose and others CHOOSE to ignore that input is another matter all
together.
I think the CONCERNS are very VITAL in the discussions about DKIM
implementation and SSP.
It is WELL understood DKIM has two states. The FAILED t=y STATE is a
PROBLEM under a PERPETUAL USAGE MODE.
Why is that NOT a valid concern and why do you choose to IGNORE it?
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html