ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] A comprehensive DKIM verification specification will not violate protocol layers.

2010-11-23 05:17:24
On Mon, 22 Nov 2010 22:32:41 -0000, Douglas Otis 
<dotis(_at_)mail-abuse(_dot_)org>  
wrote:

Murray argued singleton header checks to qualify DKIM signatures
violates protocol layering.

Which is why I want to fix this problem with normative wording that does  
not violate protocol layering.

Quite simple:

Signers MUST/SHOULD not sign messages with multiple <0nce-only> headers  
(detailed wording to be discussed).

Verifiers MUST/SHOULD check that signing requirement has been met (i.e.  
that no multiple <once-only> headers, or whatever the detailed wording  
says, are present).

No protocol layering violation, because the verifier is just checking  
something laid down for signers in the same protocol. RFC 5322 hardly gets  
mentioned, except presumably when defining <Once-only> or in eplanatory  
NOTEs, secutiy considerations, etc. All the scams under discussion still  
get caught.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                       
   Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html