On Jun 2, 2009, at 2:10 PM, Paul Russell wrote:
Ah! I have a less-than-complete understanding of the current
specification. Why does the current specification allow the signer
to specify an arbitrary value for l=, rather than requiring the
value of l= to be the actual length of the message body at the time
the message is signed?
There are cases where a receiving MTA or delivery agent will append a
notification to incoming messages. For example, when the DKIM
signature is checked after being forwarded and the i= parameter has
been used, appended notifications will not affect the signature
verification process. Appended portions of a message will need to be
annotated differently, in the same manner unsigned headers should also
be annotated differently. Proper annotation may require greater
annotation flexibility, or perhaps creation of message copies
containing only signed information. How messages are annotated is
beyond the scope of the DKIM specifications.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html