mail-vet-discuss

Re: [mail-vet-discuss] Last Call: draft-kucherawy-sender-auth-header (Message Header Field for Indicating Message Authentication Status) to Proposed Standard

2008-12-02 11:53:43
On Mon, Dec 1, 2008 at 11:33 PM, Murray S. Kucherawy <msk(_at_)sendmail(_dot_)com> wrote:


  Current wisdom among [DKIM] verifier implementations is to avoid
  taking final filtering actions such as rejecting messages based on a
  "fail" result, as there are plenty of legitimate reasons a signed
  message might fail to verify.  Instead, such messages should
  generally be treated as though they were not signed at all.  Thus, a
  verifier MAY elect to report "neutral" in place of "fail" to
  discourage needlessly harsh reactions from downstream agents.

This seems like a bad idea to me; verifiers can always say whatever they
like but encouraging them to report less accurate information seems like a
poor choice for the long term compared to just reporting the most accurate
status.  Why would we recommend verifiers "lie" instead of recommending
downstream agents to consider accepting failed signatures?
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html 
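
Added example, not part of the original message or of the draft: a downstream agent that reads the verifier's reported DKIM result unchanged and applies the "treat a failed signature as unsigned" handling itself. The header syntax (`authserv-id; method=result (comment) property=value`), the sample values, and the function names are assumptions made for illustration, and the header is assumed to come from a verifier the agent trusts.

```python
import re

# Constructed sample header field values (not taken from the thread).
SAMPLES = {
    "pass": "mx.example.org; dkim=pass header.i=@example.net",
    "fail": "mx.example.org; dkim=fail (body hash did not verify) "
            "header.i=@example.net",
    "neutral": "mx.example.org; spf=pass smtp.mailfrom=example.net; "
               "dkim=neutral",
    "unsigned": "mx.example.org; spf=pass smtp.mailfrom=example.net",
}

_COMMENT = re.compile(r"\([^()]*\)")   # strips non-nested comments only
_RESULT = re.compile(r"^\s*([a-z0-9-]+)\s*=\s*([a-z]+)", re.I)


def dkim_result(header_value):
    """Return the DKIM result the verifier reported, or 'none' if absent."""
    parts = _COMMENT.sub(" ", header_value).split(";")
    for part in parts[1:]:             # parts[0] is the authserv-id
        m = _RESULT.match(part)
        if m and m.group(1).lower() == "dkim":
            return m.group(2).lower()
    return "none"


def filtering_input(header_value):
    """Map the reported result to how the filter handles the message.

    The reported value is returned untouched so logs stay accurate;
    only 'pass' changes handling, and 'fail' is handled like an
    unsigned message instead of being grounds for rejection.
    """
    reported = dkim_result(header_value)
    treat_as = "signed" if reported == "pass" else "unsigned"
    return reported, treat_as


if __name__ == "__main__":
    for name, value in SAMPLES.items():
        print(name, filtering_input(value))
```

With this split, the verifier can keep reporting "fail" and the filter still never sees it as more than "unsigned".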