mail-vet-discuss
[Top] [All Lists]

Re: [mail-vet-discuss] Proposed "header.b" tag for DKIM signatures

2010-03-24 15:01:03
-----Original Message-----
From: Alessandro Vesely [mailto:vesely(_at_)tana(_dot_)it]
Sent: Wednesday, March 24, 2010 12:46 PM
To: Murray S. Kucherawy
Cc: mail-vet-discuss(_at_)mipassoc(_dot_)org
Subject: Re: [mail-vet-discuss] Proposed "header.b" tag for DKIM
signatures

To which signature is that result reporting if the verifier simply
ignored one of them, and both of them had "d=example.com"?

In case both passed, should the verifier report the same result twice?

I would argue yes.  If your upstream mail provider (think cloud-based mail 
filtering, software-as-a-service, etc.) does all your verifying for you, I 
would say it will want to report all information to you and let you provide 
your own further filtering based on local policy.  In that regard, that 
provider would be doing you a disservice by giving you needlessly ambiguous 
results (one "dkim=pass" doesn’t tell you which one passed, and your local 
policy might actually need to know).

This consideration assumes that A-R consumers agree with the verifier
policy, though. Are there consumers who need more insight than that
provided by their trusted verifiers?

DKIM in general doesn't presuppose that the verifier and the receiver are the 
same agent.  I don't believe we should here either.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html 

<Prev in Thread] Current Thread [Next in Thread>