With this, there is no need to rely on enforcement mechanisms
outside DKIM, such as the correct implementation of RFC 5322.
I would suggest constraining that to include only those fields that are
0-or-1 in RFC5322 Section 3.6. For example, doing this with Received:
is begging for signature invalidation on otherwise unaltered messages.
Signed Received headers at all is asking for trouble, but I take your
point. So here's a 0th cut at a list of headers where we should recommend
N+1 entries in the h=
rfc 5322
From
Sender
Reply-To (maybe not, since often smashed by mailing lists)
To
Cc (not Bcc even though it's 0/1)
Message-ID
Subject
Date
rfc 4021
MIME-Version
Content-Type
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html