-----Original Message-----
From: John Levine [mailto:johnl(_at_)iecc(_dot_)com]
Sent: Wednesday, October 13, 2010 2:47 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Cc: Murray S. Kucherawy
Subject: Re: [ietf-dkim] detecting header mutations after signing
DKIM simply highlights an issue that's been there for a very long time
now.
No. No, no, no, no, no. Malformed messages only become an issue when
someone aserts that they're not malformed. In the absence of DKIM
signatures, the reasonable thing to do with a malformed message is to
render it. In the presence of a DKIM signature, the reasonable thing
is something else. That's why this is a DKIM issue.
Do Alpine or Thunderbird or whatever else do anything special now when a
message is signed, whether or not the signature(s) pass or fail?
Current modules that don't do the kind of enforcement people are demanding and
that isn't exacerbating anything. When they add DKIM support in some way, I
imagine those MUAs will become aware of the problem and do the "something else"
you're talking about.
I'm fine with providing some informative guidance about that to MUAs, but
that's different than telling verifiers that they are required to enforce
something that's not specifically within their scope.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html