John Levine wrote:
Per the response to Levine's concern, I'd rather simply have text
that dodges the question of multiple signatures, here. Multiple sigs
are fine, but the figure is trying to look at a more contained topic.
I believe that having the figure explicitly show multiple sigs will,
for example, require showing multiple private/public key pairs, and
probably some sort of iterative behavior to cycle through each key.
I'd rather have it just show one signature and put side text saying
that messages can have multiple signatures, but the way a receiver
interprets multiple valid signatures is beyond the scope of this
document.
I disagree. The input to the "message filtering engine" block is
likely to involve information on more than one valid signature, as is
the decision made by "assess signer" (which, I argue, should be
plural) as to whether to check signing practices. The evaluation of a
signature is something that can be done on a per-signature basis, but
later assessments and filtering should show the role of multiple
signatures.
I don't think that the interpretation of multiple valid signatures is
beyond the scope of this document. The overview was created in order
to provide information on how DKIM might be used; ignoring the multiple
signature case does not serve that purpose well.
-Jim
|
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html