ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Pete's review of 4871bis

2011-06-30 11:56:51
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles 
Lindsey
Sent: Thursday, June 30, 2011 7:05 AM
To: DKIM
Subject: Re: [ietf-dkim] Pete's review of 4871bis

The problem is that an apparently valid signature (albeit atching the
wrong From) is likely to give a false impression of validity somewhere
along the line unless modules down the line are watchig for this case (and
for sure MUAs will not be watching for it for a long time, so it is the
ISPs/boundary agents that need to do it).

If the advent of DKIM means that numerous modules implementing other 
specifications loosely suddenly have to pay a price for doing so, then that's 
the reality, and I still don't see how that's a problem DKIM needs to fix.  
Sure, we need to document the nuances DKIM introduces, but it's still not an 
attack against DKIM, so this remains the wrong place to deal with it in a 
normative sense.

If you prefer the loose application of other standards, don't use DKIM (and 
lose out on its benefits).

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html