[ietf-dkim] Re: Attempted summary

[Dave Crocker]

Folks,

>> If the list does sufficient damage to the message that any incoming
...
> And that assumes the original signature doesn't contain some future option
> that the list doesn't know about - such as a variant l=.
> So the actual rules would need to be:
>  If original verifies
>     and if I think I've modified badly...


Mark's note demonstrates two things to me that suggest strategic guidance for
the working group:

1. The initial technical spec needs to allow replacing one signature with 
another and it needs to allow multiple signatures.  The rule for DKIM-aware 
mediators replacing the signature probably should something like "if you break 
it, you own it".

2. The behavior of additional signers for a message may need to be relatively 
complex. Complexity requires effort to understand, before writing it into a 
standard.  So the details of this sort of behavior needs to be deferred beyond 
the current scope of the working group.

In other words, this looks like an interesting an useful topic, but one that 
does not need to be in the critical path of the current working group effort, 
except for item 1, above.

d/
-- 

Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>