On Tue, 12 Feb 2008 02:16:37 -0000, Douglas Otis <dotis(_at_)mail-abuse(_dot_)org>
wrote:
Limited scope Author Signature definition: (conservative)
An "Author Signature" is any Valid Signature where the signing domain
(listed in the "d=" tag) matches or is above the domain of the
Author Address. The Author Address must also be contained within the
scope of the key local-part and sub-domain range (listed in the
key's "g=" and "t=" tags).
Yes, that is the only definition that is really correct, though the
wording might well be improved.
An "Author Signature" is any Valid Signature where the domain of the
Author Address is a sub-domain of the signing domain
(listed in the "d=" tag). Morover, the <local-part> of the Author
Address
must also be contained within the scope of the key local-part of any
"g="
tag.
Having just reread the relevant bits of RFC 4871, I cannot see what effect
a tag "t=s" would have, since it just restricts what the domain of the
"i=" tag may be, but that domain appears to play no part in the
verification process. In fact, ISTM that sections 3.5 and 3.8 contradict
each other. Perhaps someone could enlighten me on this.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html