[ietf-dkim] list config, was Admilistrivia question
hsantos at santronics.com
Wed Oct 19 18:23:15 PDT 2005
----- Original Message -----
From: "Earl Hood" <earl at earlhood.com>
To: <ietf-dkim at mipassoc.org>
> On October 19, 2005 at 15:13, "Hector Santos" wrote:
> > 1) The signer can use the z= tags to save the header signing data.
> Unfortunately, the verification algorithm, as it is currently designed,
> does nothing with z=. I think z= needs to be reconsidered, as
> I have noted awhile back (probably on ietf-mailsig).
An implementator can add a quick loop to check the z= headers against the
actual headers, as we did, as part of a diagnostic reporter to find out
where there would be early integrity. In other words, if Z= is present,
then it must match existing headers. If not.....
"msg #123343434: Warning, DKIM integrity failure: Subject line"
>> Anyway, I think the positives outweigh the negatives.
> It seems that a mailing list that mucks with a message is a good
> test case for how DKIM survives, or addresses, such behavior.
> This is where the challenge is, not with lists that just re-direct
> messages without alteration (except maybe the addition of trace
> fields and List-* fields).
As I said, if this was intentional to help promote DKIM problem solving,
then all fine by me. I suspected these list admin had good reasons. <g>
Hector Santos, Santronics Software, Inc.
More information about the ietf-dkim