John Levine wrote:
Trying to forbid random other third party signatures is, as I expect
you'd agree, just silly.
J D Falk:
And yet, treating any random third party signature as if it's just as
valid as a first party signature is, as I expect you'd agree, the kind
of security issue that would cause someone to stand up on a chair and
shout "DKIM will never be useful for anything, and you people all suck
toads!"
Yet another reason to leave 3rd party signatures (and toad-sucking) out
of scope, I suppose.
Siegel, Ellen:
Explicitly out of scope. Because not all 3rd party signatures on email
are "random", and there are a number of valid use cases that include
them.
+1. This horse is dead and stays dead.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html