ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM expert group meeting for Dutch 'comply or explain' list

2011-06-23 21:49:43
On 6/23/11 2:52 PM, John R. Levine wrote:
Acceptance policies and results for DKIM MUST align with
what is being displayed in the message.
I'm pretty sure that we have uniformly agreed not to attempt to do MUA 
design, so, no, it doesn't.  We have no idea what is displayed in the 
message.  We have no idea if the message will ever be displayed at all.
Ian,

John is right.  Most headers are displayed selecting top-down and DKIM 
always selects bottom-up.  Headers likely displayed and selected to be 
signed need to be check by some protocol layer that ensures they are not 
illegally pre-pended.  Unfortunately, both SMTP and DKIM will not make 
these basic checks.  There seems to be a prevailing assumption undefined 
spam filters will instead intercede.  Who should victims blame when 
these checks are not made?  How can a secure system be specified?

-Doug
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>