Sonneveld, Rolf wrote:
Let's keep it clear: a broken signature is to be ignored
(base DKIM spec). But removing signatures without a good reason
is wrong.
A good reason is to lower the confusion of an unknown assessment
world, especially when the LAST SIGNER is taking responsibility and is
the presumably the only "vounch-able" entity but the unknown
non-standard reputation filtering engines (RFE) advocates.
What is your reason for keeping a broken signature? Do you have an
RFE that can utilize this information?
Look, systems that support policy are in a better position to filter
these faults in the system. But in lieu of a policy standard, I can
probably see where the MLM or any resigner blindly stamps its DNA
ignoring any previous single or collection of signatures.
But we have a WG Policy concept in place. One way for the MLM to lower
the confusion is to honor it first. After that, it can really do what
it whats because it is all now in an indeterminate state that can only
be possibly handled by special signing arrangements.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html