[ietf-dkim] mailing lists and -base
Paul Hoffman
phoffman at proper.com
Thu Mar 30 08:05:59 PST 2006
At 1:51 PM +0100 3/30/06, Stephen Farrell wrote:
>I think that the bodyhash thing in this context is a side-issue.
>Isn't the main thing here that we need to figure out:-
>
>- what base needs to say about cases where a message containing
> >1 signature is presented for verification, noting that that
> could happen for alg. agility reasons or else because some list
> s/w, or some otherwise odd MTA, added its own signature to an
> already signed message
>
>- whether base needs to have any mandates or guidance for signers
> who want to add a signature to an already-signed message they
> receive (note the above doesn't exclude the advice being "don't
> do it"), and if so, then what (e.g. some ideas about signing a
> few list related headers were batted about previously)
I agreed in Dallas to write up a proposal for these. That should be
within a few days.
More information about the ietf-dkim
mailing list