
[ietf-dkim] Re: Last Call: 'DomainKeys Identified Mail (DKIM) Signatures' to Proposed Standard (draft-ietf-dkim-base)

2006-11-14 20:57:32
Eric Allman wrote:

> --On November 8, 2006 12:05:07 AM +0200 Pekka Savola
> <pekkas(_at_)netcore(_dot_)fi> wrote:
>
> > ==> what is the expected verifier's behaviour if one or more of
> > these MUST/MUST NOTs doesn't hold?  AFAICS, that hasn't been
> > specified, at least not very clearly.  Should it be?
>
> This is already covered in (e.g.) 6.1.1:
>
>        Implementers MUST meticulously validate the format and values
>        in the DKIM-Signature header field; any inconsistency or
>        unexpected values MUST cause the header field to be
>        completely ignored and the verifier to return PERMFAIL
>        (signature syntax error). Being "liberal in what you accept"
>        is definitely a bad strategy in this security context.

One clarification to this for Pekka, in case he missed it: Section 3.2:
Unrecognized tags MUST be ignored.

        Tony Hansen
        tony(_at_)att(_dot_)com
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
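
The two rules discussed in this message (strict validation with PERMFAIL, while unrecognized tags are ignored) can be seen side by side in the sketch below. It is an added example, not code from the thread or from the DKIM draft. It assumes the tag grammar, required-tag set, version value and result strings of RFC 6376, the published successor of the draft; the function name and all sample header values are constructed for illustration.

```python
import re

# Assumption: tag grammar and tag sets follow RFC 6376 (sections 3.2, 3.5),
# the published successor of the draft discussed in this thread.
TAG_NAME = re.compile(r"[A-Za-z][A-Za-z0-9_]*\Z")
REQUIRED = {"v", "a", "b", "bh", "d", "h", "s"}
KNOWN = REQUIRED | {"c", "i", "l", "q", "t", "x", "z"}
SYNTAX = ("PERMFAIL", "signature syntax error")

def check_dkim_signature(value):
    """Return ("OK", recognized_tags) or ("PERMFAIL", reason)."""
    specs = value.split(";")
    if specs[-1].strip() == "":
        specs.pop()                       # one trailing ";" is legal
    seen = {}
    for spec in specs:
        name, sep, val = spec.partition("=")
        name = name.strip()
        if not sep or not TAG_NAME.match(name):
            return SYNTAX                 # malformed tag-spec
        if name in seen:
            return SYNTAX                 # duplicate tag invalidates the list
        seen[name] = val.strip()
    if REQUIRED - seen.keys():
        return "PERMFAIL", "signature missing required tag"
    if seen["v"] != "1":
        return "PERMFAIL", "incompatible version"
    for name in ("t", "x"):
        if name in seen and not re.fullmatch(r"[0-9]{1,12}", seen[name]):
            return SYNTAX                 # unexpected value
    if "t" in seen and "x" in seen and int(seen["x"]) <= int(seen["t"]):
        return SYNTAX                     # inconsistent: expiry not after signing
    # Unrecognized tags are ignored: dropped, but not a reason to fail.
    return "OK", {k: v for k, v in seen.items() if k in KNOWN}

# Constructed sample values (not from the thread); b= and bh= are dummies.
BASE = "v=1; a=rsa-sha256; d=example.com; s=sel; h=from:to; bh=AAAA; b=BBBB"
SAMPLES = {
    "unknown tag": BASE + "; zz9=future-extension",
    "duplicate d=": BASE + "; d=example.net",
    "x before t": BASE + "; t=1163500000; x=1163400000",
    "missing b=": BASE.rsplit(";", 1)[0],
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(label, "->", check_dkim_signature(header))
```

Only the first sample passes: the unknown `zz9` tag is dropped without failing the signature, while the duplicate, the inconsistent timestamps and the missing required tag each cause the whole header field to be rejected.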
