At 07:22 16-07-2005, Michael Thomas wrote:
As an example, should you give a "fail" for a broken signature?
In all other respects, a broken signature is indistinguishable
from a missing signature, so "fail" seems to assert more than
is there, but "neutral" looks at first blush very odd.
If the Sender signing policy says that sender signs all emails, then
you should give a "fail". If the sender signing policy says that
some emails are signed and there is no signature, the result is "neutral".
Regards,
-sm