[ietf-dkim] Alternative text for semantics of multiple signatures
Paul Hoffman
phoffman at proper.com
Tue Apr 4 15:26:20 PDT 2006
At 3:10 PM -0700 4/4/06, Michael Thomas wrote:
>>>> Signers MUST NOT remove any DKIM-Signature headers from messages
>>>> they are signing, even if they know that the headers cannot be
>>>> verified.
>>
>>
>>Is MUST NOT ok there, as opposed to SHOULD NOT? I seem to recall someone
>>wanting to be able to remove signatures to hide internal structure. Not
>>sure if that was on the list or not, and it does seem a little bit of a
>>corner case (one could in any case wriggle out of the problem by saying
>>it wasn't the signer that removed the sig, but it was some other bit of
>>code:-) No real opinion myself, just asking.
>
>I copied this from Paul's original. I'm good either way, though
>SHOULD seems more appropriate now.
The MUST NOT was there in the earlier proposal because the
association between p= and the headers was by hash values. This
proposal removes that, and MUST NOT is not needed. If we use "SHOULD
NOT", we need to say when it is OK to do it anyway. Proposal: "To
avoid deleting information that might be valuable to the recipient,
signers SHOULD NOT remove..."
More information about the ietf-dkim
mailing list