-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of John R. Levine
Sent: Thursday, October 14, 2010 7:59 AM
To: dcrocker(_at_)bbiw(_dot_)net
Cc: DKIM List
Subject: Re: [ietf-dkim] layer violations, was detecting header mutations
after signing
If allowing through modified messages that render very differently
isn't broken, shouldn't we remove the advice against signing with l=0?
The advice in favor of signing Subject: and To: fields? None of those
has any technical effect on the ability of a verifier to compute and
compare hashes.
If not, what's the difference, other than the fact that we thought of
some of them several years ago and just noticed these last week?
The difference is that the Subject:, To: and l= advice don't dabble in the area
of having to tell a DKIM implementer to enforce parts of other protocols.
Adding a second From: makes the message format illegal. The other ones don't.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html