On Oct 15, 2010, at 9:50 AM, Murray S. Kucherawy wrote:
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles
Lindsey
Sent: Friday, October 15, 2010 7:30 AM
To: DKIM
Subject: Re: [ietf-dkim] detecting header mutations after signing
And if we are not going to fix ADSP (yet), then the only way we can stop
that particular exploit is to fix DKIM.
Arguing that "ADSP is a completely separate discussion" will achieve
nothing.
If that's consensus, then we're on the slippery slope of "fixing" DKIM to
deal with flaws at all layers above it. And we'll never be done.
+1.
Any bug fixes for ADSP need to be done at the ADSP level.
If there's a bug that needs fixing at the DKIM level then if
should be something that clearly needs fixing based on
DKIM usage. (And I think that the very narrow case of
messages that violate 5322 through multiple headers
*may* be such, but any justification of that relying on ADSP
isn't helpful).
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html