1. This is just a variant of the basic hole created by use of l=
2. The premise that having the l= go to a multipart boundary somehow
increases security is simply wrong. More generally, the idea that one or
another tidbit might tighten things a bit, l= opens such a huge door, the
small
tidbits don't matter.
On further consideration, I'm with Dave. Suggest removing the current
language about l= and MIME boundaries, and replace with a note that if you
use l=, added content can change the appearance of a message in hard to
anticipate ways.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html