[ietf-dkim] Charter bashing...
Amir Herzberg
herzbea at macs.biu.ac.il
Wed Oct 12 01:47:48 PDT 2005
Arvel Hathcock wrote:
>> ? supporting multiple signatures on single messages
>
> Humm... not sure about this one. If verifiers only supported a single
> signature it would be wise for signers to strip out any existing
> signatures before re-signing. That would cause the loss of
> "potentially" useful data wouldn't it? But, come to think of it, old
> signatures don't verify (otherwise, why resign the message at all)
There may be cases where an intermediary (e.g. MTA or mailing list)
which DKIM-signs its outgoing messages, will receive a DKIM-signed
message, e.g. if the MUA signed it (for MTA), or if the sending domain
signed it (for mailing list). In some of these cases, the original
signature may still provide additional useful information for the
recipient. Why should we exclude this? The only good answer I see if
simplicity, but I think determining that the complexity/functionality
tradeoff justifies excluding this should not be done at the chartering
phase, and requires fair evaluation.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
Visit my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame
More information about the ietf-dkim
mailing list