ietf-dkim

Re: [ietf-dkim] layer violations, was detecting header mutations after signing

2010-10-21 11:33:01
On 21/Oct/10 17:47, John R. Levine wrote:
>> If Big-Bank had been added after signing, verifiers are already
>> authorized to delete that field from the message, according to the
>> current PS. Isn't that enough?
>
> I don't know any DKIM verifier that modifies the message, and I doubt
> that many people would want to use one.

Adding and removing Authentication-Results is probably the most common 
modification.  Removing header garbage may also be fairly popular, 
dunno.  Why do you think it's bad?

At any rate, the paragraph I was referring to is

  The verifier MAY treat unsigned header fields with extreme
  skepticism, including marking them as untrusted or even deleting them
  before display to the end user.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
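
The paragraph quoted in the message above, sketched as an added example (not code from the thread or from any DKIM implementation): header fields not covered by the signature's h= tag are marked as unsigned or dropped before display. It assumes a single DKIM-Signature that has already been verified cryptographically, and matches each h= name to the bottom-most unused instance, as the DKIM specification requires; the sample message and the function names are constructed for illustration.

```python
from email import message_from_string

# Constructed sample. h= covers From, Subject and Date once each; Big-Bank and
# the upper Subject stand for fields added after signing. bh=/b= are
# placeholders: the cryptographic check is assumed to have passed already.
SAMPLE = """\
Big-Bank: verified customer
Subject: injected subject
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;
 h=from:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER
From: alice@example.com
Subject: quarterly report
Date: Thu, 21 Oct 2010 11:33:01 +0200

body
"""

def signed_names(sig_value):
    """Lower-cased field names listed in the h= tag of a DKIM-Signature value."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = val
    return ["".join(n.split()).lower() for n in tags.get("h", "").split(":") if n.strip()]

def classify(raw):
    """Return (name, value, covered) for every header field, in message order."""
    fields = message_from_string(raw).items()
    sig = next((v for n, v in fields if n.lower() == "dkim-signature"), "")
    # The signature field itself is always part of the signed data.
    covered = {i for i, (n, _) in enumerate(fields) if n.lower() == "dkim-signature"}
    for name in signed_names(sig):
        # Each h= entry consumes one instance, counted from the bottom up.
        for i in reversed(range(len(fields))):
            if i not in covered and fields[i][0].lower() == name:
                covered.add(i)
                break
    return [(n, v, i in covered) for i, (n, v) in enumerate(fields)]

def for_display(raw, delete=False):
    """Mark unsigned fields, or drop them when delete=True."""
    out = []
    for name, value, ok in classify(raw):
        if ok:
            out.append(f"{name}: {value}")
        elif not delete:
            out.append(f"[unsigned] {name}: {value}")
    return out
```

The upper Subject is reported as unsigned even though "subject" appears in h=, because the tag lists the name only once and that entry is matched to the last instance.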