On 5/21/09 4:45 PM, Dave CROCKER wrote:
> Eliot Lear wrote:
>> The whole point of l= was to say that beyond it you should treat the
>> content as suspicious.
>
> Eliot,
>
> Since DKIM Signature does not make statements about the differential
> handling of content, signed or unsigned, I'm not clear what you base
> this assertion on. Can you clarify?
>
> As I understand DKIM Signature, there are validly signed messages
> (with their identifiers) and there are all other messages, and that
> binary distinction is the limit of DKIM semantics. You appear to be
> going beyond the specification.

I think the point is that you can't make assertions of responsibility
for the information beyond l=. That was always the implication, right?

So now you're a mail firewall and you see lots of URLs tagged at the
end, with nobody asserting responsibility. That's an indicator that
there is a problem. What one does with that problem is well beyond the
scope of DKIM, but one could easily see several different courses of action:

1. stripping the URLs
2. quarantining the entire message
3. posting a warning IN the message

But again, this is all really academic, depending on the point of
actually USING l=. How can it LEGITIMATELY be used? We can find ways
to deal with miscreants using l=, but it may not be worth it if we can't
find legitimate uses...

Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
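
Added example, not part of the original message or of any DKIM implementation: a sketch of the mail-firewall check described above, which canonicalizes the body, cuts it at the l= octet count, and lists URLs that appear only in the part no signer covered. It assumes the signature has already been verified by other means; the function names and the sample message are constructed for illustration.

```python
import re

URL_RE = re.compile(rb"https?://[^\s<>\"']+", re.IGNORECASE)

def parse_tags(sig_value):
    """Split a DKIM-Signature header value into its tag=value pairs."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = "".join(value.split())  # drop folding whitespace
    return tags

def canonicalize_body(body, mode):
    """Body canonicalization ("simple" or "relaxed"); l= counts octets of this form."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":  # collapse runs of WSP, drop WSP at end of line
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":  # ignore empty lines at end of body
        lines.pop()
    out = b"".join(ln + b"\r\n" for ln in lines)
    return out or (b"\r\n" if mode == "simple" else b"")

def unsigned_tail(sig_value, body):
    """Canonicalized body octets that the l= count leaves out of the body hash."""
    tags = parse_tags(sig_value)
    if "l" not in tags:
        return b""  # no l=: the body hash covers the entire body
    c = tags.get("c", "simple/simple")
    mode = c.split("/")[1] if "/" in c else "simple"  # body algorithm defaults to simple
    return canonicalize_body(body, mode)[int(tags["l"]):]

def urls_beyond_l(sig_value, body):
    """URLs found only in the part of the body that no signer covered."""
    return [u.decode("ascii", "replace") for u in URL_RE.findall(unsigned_tail(sig_value, body))]

# Constructed sample: SIGNED is what the signer hashed; the rest was appended in transit.
SIGNED = b"Minutes are at https://example.com/minutes\r\n"
BODY = SIGNED + b"\r\nCheap meds: http://unsigned.example/buy\r\nhttp://unsigned.example/more   \r\n\r\n"
# Constructed header value; bh= and b= are placeholders, no signature is verified here.
SIG = f"v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel; l={len(SIGNED)}; bh=PLACEHOLDER; b=PLACEHOLDER"

if __name__ == "__main__":
    for url in urls_beyond_l(SIG, BODY):
        print("unsigned URL:", url)
```

The URL inside the signed portion is not reported; what to do with the reported ones (strip, quarantine, warn) is the policy choice listed in the message.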