On Fri, May 29, 2009 at 5:22 PM, John R. Levine <johnl(_at_)iecc(_dot_)com>
wrote:
I don't understand what "cruft" you think I'm talking about.
Telling people that it is reasonable to add a chain of A-R headers to
messages with broken signatures, and expecting recipients to apply some ill
defined algorithm to decide how much they believe each level of alleged
signature.
What part of my message makes you think that's what I'm suggesting?
Surely not the part where I say, "Chaining isn't the point.". And it
certainly can't be the part where I say, "remove all previous sigs AND
all previous A-R".
I think it's a terrible idea to (1) leave signatures in a message
after you break them, (2) add A-R without removing any already there,
or (3) add A-R without a signature covering it.
Or are you just trolling?
I would really like to remove l= from DKIM to make it clear that it is not a
good idea to even try to guess the history of a message based on signatures
that don't verify and cover the whole messag.
Yes, that seems to be the consensus, and I agree with that.
Barry, as participant
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html