Steve Atkins wrote:
On May 20, 2009, at 12:10 PM, Douglas Otis wrote:
Since email must deal with large amounts of spam and abuse, it would
be good to have provisions in DKIM that allow secured attachments to
be excluded from the DKIM hash algorithm without causing the entire
message to be considered unsigned
Why would you want to sign email as something you vouched for,
while still enabling anyone to replace the content of the email
with something else without invalidating that signature?
As I recall, the primary argument in favor of l= was survival after being
relayed through a Mediator like a mailing list, many of which add a footer to a
message. (Proof of concept: This message is an example.)
A different way of looking at this goal is that it is an attempt to sign parts
of a message body, rather than all of it, much as one might do with s/mime or
openpgp.
Hence, l= participates in the general desire to have a DKIM signature survive
the transfer path. Note that having a signature cover only some of the header
fields is another example of this.
I think the counter-argument to this goal, with respect to the body, is that
header fields other than primary addressing fields and the Subject field are
not
particularly high-leverage targets for deception, the way the body is.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html