On 3/20/09, Michael Thomas <mike(_at_)mtcc(_dot_)com> wrote:
John R. Levine wrote:
Assessors know whether a message is signed, and if it has valid
signature(s), the domain(s) that signed them. All that other stuff in the
signature is implementation details.
RFC 4871 gives no precise definition of what an "assessor"
can use to make whatever decisions it wants to draw from
the message *and* the signature(s). That you have a particular
use case in mind that doesn't care about "implementation
details" does not and should not imply that that is the only
valid use of DKIM information. That is why the errata is so
wrong headed.
+1
--
hls
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html