On 10/6/2010 9:17 AM, John R. Levine wrote:
Is it DKIM's job to make the verification fail, or is it an MUA's job to do
something reasonable with malformed messages?
At one level, that's merely an implementation choice. At another level, it is
a
question of whether conformance enforcement MUST occur at all.
The discussions have tended to assume that it MUST occur, by virtue of the DKIM
requirement for 'conformant' messages. Steve's point cleverly suggests that
DKIM itself can dodge the issue by -- once again -- having things simply rest
on
verification outcome.
I find the simplicity and sufficiency of Steve's point pretty darn appealing.
To emphasize: It's sufficient because it focuses on DKIM's actual goal and
does
not expand that scope.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html