ietf-dkim

Re: [ietf-dkim] 23 again (sorry John) was Output summary - proposing ODID "Originating Domain Identity"

2011-05-06 01:41:22
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Barry Leiba
Sent: Thursday, May 05, 2011 1:55 PM
To: John R. Levine
Cc: ietf-dkim(_at_)mipassoc(_dot_)org; Alessandro Vesely
Subject: Re: [ietf-dkim] 23 again (sorry John) was Output summary - proposing 
ODID "Originating Domain Identity"

> We certainly could deprecate it, and add something that says that
> verifiers MAY consider a signature for which l= is less than the full
> message length to fail verification.  Such a change should have been
> proposed earlier in the process, but I won't consider it out of scope
> if we have consensus to do that now.

As I recall the document does say something like "acceptable to the verifier" 
and this is one of several local verifier policy examples that it was meant to 
cover.  (Another, for example, is "Subject: wasn't included in the hash" which 
is an option in at least two implementations.)  I'm fine leaving it like that, 
or perhaps creating another appendix that lists common scenarios in this realm.

> And, of course, we can always add non-normative advice somewhere (but
> I suggest NOT in 4871bis) that evaluation systems that use DKIM should
> check l= against the message length when deciding what to do.

Anyone sufficiently passionate about "l=" being deprecated can do that through 
other venues if we don't want to take that work up here.

-MSK

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
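
The check suggested in the thread, comparing l= against the message length, as an added example that is not part of the original message or of any DKIM implementation: it parses the first DKIM-Signature header, canonicalizes the body per the c= tag, and reports how many body octets fall outside l=. It does not verify the signature; the function names, sample message, domain and selector are constructed for illustration.

```python
import re

def dkim_tags(value: str) -> dict:
    """Split a DKIM-Signature tag=value list; folding whitespace is dropped."""
    pairs = (item.split("=", 1) for item in value.split(";") if "=" in item)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def canon_body(body: bytes, mode: str) -> bytes:
    """Body canonicalization ("simple" or "relaxed"); l= counts these octets."""
    if mode == "relaxed":
        body = re.sub(rb"[ \t]+(\r\n|\Z)", rb"\1", body)  # WSP at end of line
        body = re.sub(rb"[ \t]+", b" ", body)              # WSP runs -> one SP
    body = re.sub(rb"(\r\n)+\Z", b"", body)                # trailing empty lines
    return body + b"\r\n" if (body or mode == "simple") else body

def l_coverage(raw: bytes) -> dict:
    """Compare l= in the first DKIM-Signature with the canonical body length."""
    head, _, body = raw.partition(b"\r\n\r\n")
    unfolded = re.sub(rb"\r\n(?=[ \t])", b"", head).decode("ascii", "replace")
    match = re.search(r"^DKIM-Signature:(.*)$", unfolded, re.I | re.M)
    if match is None:
        raise ValueError("no DKIM-Signature header")
    tags = dkim_tags(match.group(1))
    # c= is "header/body"; a missing body part means "simple".
    mode = tags.get("c", "simple/simple").partition("/")[2] or "simple"
    total = len(canon_body(body, mode))
    signed = int(tags["l"]) if "l" in tags else total
    return {"l_present": "l" in tags, "body_octets": total,
            "unsigned_octets": max(total - signed, 0),
            "l_exceeds_body": signed > total,
            "full_body_signed": signed == total}

# Constructed sample: SIGNED was the body at signing time, APPENDED came later.
SIGNED = b"Meeting moved to 3pm.\r\n"
APPENDED = b"Footer added after signing.\r\n"
HEADERS = (b"From: a@example.org\r\n"
           b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n"
           b"\td=example.org; s=sel; h=from; l=%d;\r\n"
           b"\tbh=PLACEHOLDER; b=PLACEHOLDER\r\n") % len(SIGNED)
SAMPLE = HEADERS + b"\r\n" + SIGNED + APPENDED

if __name__ == "__main__":
    print(l_coverage(SAMPLE))
```

An evaluation system can treat a non-zero `unsigned_octets` as input to local policy, for example by discounting the signature or the unsigned tail of the body.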
