ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] ISSUE: Updating Section 6.5: Recommended Signature Content

2011-04-26 01:27:38
Murray S. Kucherawy wrote:
Common examples of fields with addresses and fields with 
textual content related to the body are:

    o  From

-1 with the removal of the original text of:

        o  From (REQUIRED in all signatures)

The 5322.From header is a fundamental binding requirement in DKIM 
signatures.

Removing the "(REQUIRED in all Signature)" increases incorrect reading 
of the DKIM specification that 5322.From is not required.  This 
increase potentials for future interoperability issues when a FROM is 
not bound and it will fail validation.

There is clearly no reasonable explanation to remove this strong 
emphasis and just continues to promote negative intent views.  Please 
stop introducing changes that is clearly sensitive and known to create 
a WG conflict and the only way to solve that thorn is to ignore the 
posted concerns.  This a serious WG protest problem with the on-going 
concerns of creeping in removals of all things related to the AUID and 
the required 5322.From bound association with the signature.

Please don't remove this critical requirement text.

I'd actually like to add Authentication-Results because an agent 
that wishes to claim that observed authentication meta-data should 
become part of the message core certainly should sign such a field, 
but that's not worth recycling at Proposed and basically RFC5451 
already says that anyway.

IMO, you should as it will help with DKIM Mail Integration.  If you 
think this current non-standard header is IETF RFC material fit issue, 
then is it possible to use a generalized text:

     o Any DKIM related verification results and trace fields

-- 
Hector Santos, CTO
http://www.santronics.com



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html