ietf-dkim

Re: [ietf-dkim] Two issues derived from Ticket #20: signature practices

2011-04-27 14:20:10
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Alessandro Vesely
Sent: Wednesday, April 27, 2011 11:41 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] Two issues derived from Ticket #20: signature practices

On 27/Apr/11 01:42, John R. Levine wrote:
I agree with Dave's changes,

+1, and also for Murray's advice of signing A-R fields.  However, in
such case, the last phrase in Sec 7.2 (INFORMATIVE ADVICE to MUA
filter writers) should be changed from

   To circumvent this attack, verifiers may wish to delete existing
   results header fields after verification and before adding a new
   header field.

to, e.g.,

   To circumvent this attack, verifiers may wish to delete counterfeit
   results header fields after verification and before adding a new
   header field.

Actually if we're talking about A-R fields, RFC5451 talks plenty about this.  
Rather than duplicating advice, we should just refer to it.


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
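
The selective removal discussed in this message, as an added example (not code from the thread or from RFC 5451): it drops only the Authentication-Results fields whose authserv-id claims to be the local verifier, keeps those added by other hosts, and then puts the verifier's own field on top. The authserv-id `mx.example.org`, the sample message and the function names are constructed for the example, and treating "counterfeit" as "claims the local authserv-id" is an assumption based on RFC 5451's advice on removing the header field; comments (CFWS) inside the field are not parsed.

```python
from email import message_from_string

LOCAL_AUTHSERV_ID = "mx.example.org"  # assumption: this verifier's authserv-id

# Constructed sample: the first A-R field was supplied by the sender and
# claims to come from the local verifier; the second names another host.
RAW = (
    "Authentication-Results: mx.example.org; dkim=pass header.d=bank.example\n"
    "Authentication-Results: mx.relay.example.net; spf=pass smtp.mailfrom=a@b.example\n"
    "From: someone@bank.example\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

def authserv_id(value):
    """Return the authserv-id: the first token before the first ';'."""
    head = value.split(";", 1)[0].split()
    return head[0].lower() if head else ""

def replace_local_results(msg, local_id, new_result):
    """Drop A-R fields that claim local_id, then add our own field first."""
    kept = [
        (name, value) for name, value in msg.items()
        if not (name.lower() == "authentication-results"
                and authserv_id(value) == local_id.lower())
    ]
    # Rebuild the header block so the surviving fields keep their order.
    for name in set(msg.keys()):
        del msg[name]
    msg["Authentication-Results"] = f"{local_id}; {new_result}"
    for name, value in kept:
        msg[name] = value
    return msg

def demo():
    msg = message_from_string(RAW)
    replace_local_results(msg, LOCAL_AUTHSERV_ID,
                          "dkim=fail header.d=bank.example")
    return msg.get_all("Authentication-Results")
```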