Trust me, this is (supposed to be) minor!
Someone off-list pointed out to me that it might be helpful to summarize the
expected outputs of a DKIM verifier. Indeed, on review, we don't do that all
in one place; some of it is in Section 3 and some in Section 7.
With that in mind, I propose this as a new Section 4.9, moving the others down:
4.9. Output Requirements
The output of the verifier MUST embody:
- A result code that indicates whether or not the signature was
validated (PERMFAIL or TEMPFAIL as described in Section 7.1, or a success
result code)
- If the signature did validate, the value of the "d=" tag, i.e., the
signing domain
The verifier MAY include other outputs, but this is implementation-dependent
and not mandatory. The verifier MAY also include as secondary data some
information indicating the specific cause of a failure.
Comments?
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html