Elliott Ginsburg wrote:
> I want to propose a change to how signature validation failure is handled. In
> the current draft, it essentially says that the user agent must do something
> when signature validation fails, but what it does is up to the implementation.
> I don't think it is acceptable to leave this decision unspecified; here is
> of my rationale:

Your rationale, it seems to me, argues for leaving the action unspecified in the
spec. If we pick a particular security policy in the spec, we preclude the use
of S/MIME in shops which have a different security policy.
Some products targeted for specific environments will implement a policy
consistent with that environment. Many products will provide flexible validation
policies that can be configured by a system administrator. All of these argue
for *NOT* specifying these semantics in the spec. Validation belongs to some other
working group as it goes well beyond just checking email signatures.