Append to Section 6 Verifier Actions:
It is not reasonable to assume a message is in compliance with RFC 5322.
To mitigate trivial exploitation of trust established by DKIM
signatures, messages having multiple header fields for "orig-date",
"from", "sender", "reply-to", "to", "cc", "message-id", "in-reply-to",
"references", or "subject" MUST always return PERMFAIL for any DKIM
signature associated with the message. When there are multiple
singleton header fields, a field selected for display or sorting is
therefore undefined. Likely top-down selections by consumers of DKIM
status, where the signature verification selects bottom-up, leave
singleton headers highly prone to trivial exploitation.
-Doug
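
Added example, not part of the original message or of any DKIM implementation: a sketch of the proposed verifier check, which counts the listed fields in a raw message and forces PERMFAIL when any of them repeats. The function names, the constructed sample message, and taking the ordinary signature result as an input are assumptions made for illustration.

```python
import email
from collections import Counter

# Field names listed in the post. "orig-date" is the RFC 5322 grammar name
# for the "Date:" header field, so it is matched here as "date".
SINGLETONS = ("date", "from", "sender", "reply-to", "to", "cc",
              "message-id", "in-reply-to", "references", "subject")

def duplicated_singletons(raw):
    """Map each listed field that occurs more than once to its values, top to bottom."""
    msg = email.message_from_string(raw)  # default policy keeps duplicate fields
    counts = Counter(name.lower() for name in msg.keys())
    return {f: msg.get_all(f) for f in SINGLETONS if counts[f] > 1}

def verifier_result(raw, signature_result):
    """Apply the proposed rule; signature_result is the outcome of ordinary
    DKIM verification, supplied by the caller (not computed here)."""
    return "PERMFAIL" if duplicated_singletons(raw) else signature_result

def selections(raw, field):
    """Return (first occurrence, last occurrence) of a field: the top-down
    pick versus the bottom-up pick the post contrasts."""
    values = email.message_from_string(raw).get_all(field) or []
    return (values[0], values[-1]) if values else (None, None)

# Constructed sample: two From fields, every other field present once.
SAMPLE = (
    "From: first@example.org\n"
    "From: signer@example.com\n"
    "To: reader@example.net\n"
    "Subject: status report\n"
    "Date: Mon, 01 Jan 2001 00:00:00 +0000\n"
    "\n"
    "body\n"
)
CLEAN = SAMPLE.replace("From: first@example.org\n", "", 1)

if __name__ == "__main__":
    print(duplicated_singletons(SAMPLE))
    print(selections(SAMPLE, "from"))
    print(verifier_result(SAMPLE, "SUCCESS"), verifier_result(CLEAN, "SUCCESS"))
```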