[ietf-dkim] one more comment I forgot...

[Michael Thomas]

Stephen Farrell wrote:

>
> Yes, but mucking up a signature is already covered in the
> draft whereas totally ditching one isn't.
>
> (Perhaps "forwarder" wasn't the right term - if not, mea
> culpa.)

 From a threat perspective, the two are identical, right? If a
receiver in any way treats broken signatures different than
missing signatures, an attacker can exploit the preferable
treatment trivially.

       Mike