[ietf-dkim] Revised proposal for specifying syntax and semantics for multiple signatures

Paul Hoffman phoffman at proper.com
Tue Apr 4 09:39:02 PDT 2006


At 5:20 PM +0100 4/4/06, Stephen Farrell wrote:
>Paul,
>
>A question about the semantics bit.
>
>What do we need to say about what a verifier MUST, SHOULD
>or MAY do/NOT do, if sig1 has "h=foo+bar" but sig2 has "h=bar"
>(or whatever other variant you prefer)?

My preference would be to say nothing. This is a recipient policy issue.

>However, I suspect that some verifiers will tell someone
>about what "h=" was when they see a single signature, in
>which case should we say that such verifiers SHOULD present
>info about all sigs or something. If a verifier reports
>partial or confusing information there, then trouble may
>well ensue. OTOH, this is close to designing an API, and
>that's not generally IETF business.

Exactly.
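
The case raised in this thread, one message carrying two signatures whose h= lists differ, as an added example that is not part of the original mail or of any DKIM implementation. It assumes the colon-separated h= syntax of the published DKIM specification (RFC 6376) rather than the notation used in the thread. It reports what every signature claims to cover, performs no cryptographic verification, and uses a constructed sample message with hypothetical function names.

```python
import re
from email import message_from_string

# Constructed sample: two DKIM-Signature fields with different h= lists.
# Domains, selectors and bh=/b= values are placeholders, not real signatures.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel1;
 h=from:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER
DKIM-Signature: v=1; a=rsa-sha256; d=lists.example.net; s=sel2;
 h=subject; bh=PLACEHOLDER; b=PLACEHOLDER
From: alice@example.com
Subject: hello
Date: Tue, 4 Apr 2006 09:39:02 -0700

body
"""

def parse_tags(value):
    """Split a DKIM-Signature field value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            # Folding whitespace inside a tag value is not significant.
            tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags

def signed_header_report(raw):
    """Report h= for every signature, not just the first one found."""
    msg = message_from_string(raw)
    sigs = []
    for value in msg.get_all("DKIM-Signature", []):
        tags = parse_tags(value)
        fields = [f.lower() for f in tags.get("h", "").split(":") if f]
        sigs.append({"d": tags.get("d"), "h": fields})
    sets = [set(s["h"]) for s in sigs]
    in_all = set.intersection(*sets) if sets else set()
    in_some = (set.union(*sets) - in_all) if sets else set()
    # "all": fields every signature lists; "some": fields only part of them list.
    return {"signatures": sigs, "all": sorted(in_all), "some": sorted(in_some)}

if __name__ == "__main__":
    print(signed_header_report(SAMPLE))
```

What a recipient does with fields that appear only under "some" is left open here, as it is in the thread.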


