Robert,
On Fri, 19 Nov 2004 12:51:27 -0700, Robert Barclay wrote:
Your note at the bottom about the Sender semantics mentions Resent-
Sender and Resent-From. This is mostly for my own edification but
if you are changing the content of a message in a way that would
break the signature on the From is this a case where use of either
of the Resent headers would be accurate? It seems to me that in
this case you are a new author and thus a new From or Sender.
Thank you for raising this. I think it is a significant issue, which is why I
put the added comment at the end of the footnote. And your question is for
more than education. This is an issue we need to resolve.
The more discussion there is about signature requirements involving transit
accountability -- ie, the MASS goal -- the more I think we need to focus on the
role of the actor who "creates" the total current message. That's the
RFC2822.Sender or RFC2822.Resent-sender. (As the footnote notes, when there is
no 'sender' field present, the 'from' fields hold a virtual copy of it.)
Although having to look for two fields is more complicated than 1, I think that
'latest poster into the transfer service' is the simplest concept. They are,
after all, the entity that should be accountable for the current transfer of
the message by the end-to-end handling service.
How do folks suggest we resolve this?
d/
--
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
www.brandenburg.com