On 26/Apr/11 06:19, Hector Santos wrote:
While I agree with your version, if there is anything else to
reconsider it would be the last sentence:
However, compliant verifiers might not implement rsa-sha1;
they will treat such messages as unsigned.
That seems to say rsa-sha1 signatures will be ignored independently of
a verifier's capabilities. Taking into account Mike's note, I'd limit
such behavior to verifiers that (for some reason) cannot do otherwise.
However, compliant verifiers who have not enabled rsa-sha1
will treat such messages as unsigned.
may better reflect all paths an implementator may take with this note.
+1, or even better with Murray's original wording
However, compliant verifiers who do not implement rsa-sha1
will treat such messages as unsigned.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html