[mtcc.com alert] Re: [ietf-dkim] Revised proposal for specifying
syntax and semantics for multiple signatures
Michael Thomas
mike at mtcc.com
Tue Apr 4 09:16:07 PDT 2006
Paul Hoffman wrote:
> Revised to:
>
> - remove verification passthrough
> - change the canonicalization to what is being used anyway
> - removed the ordering requirement
> - softened the wording about bid-down attack
It would be nice if you responded to my initial post on this subject.
But in particular:
> p= Earlier signatures (plain-text; REQUIRED
I have no idea why this merits even a SHOULD let alone a REQUIRED.
The rationale makes a pretty big leap from needing to have multiple
signatures to needing this new required functionality. As far as I
recall, nobody's answered why it's needed, let alone mandatory.
Mike
More information about the ietf-dkim
mailing list