[ietf-dkim] Attempted text for x=
Douglas Otis
dotis at mail-abuse.org
Thu Apr 20 11:49:00 PDT 2006
On Apr 20, 2006, at 11:34 AM, Jon Callas wrote:
> On 19 Apr 2006, at 10:14 AM, Paul Hoffman wrote:
>
>> What is the interoperability or harm-limiting purpose of verifiers
>> checking x= values? If there is none, the sentence above needs to
>> be a MAY.
>
> I don't want to torture people with my reasoning, but x= needs to
> be a MAY, but for possibly different reasons.
>
> My reasons are that I don't think that an implementer needs to
> "carefully weigh" whether to implement x=. I think that casually
> weighing it is just fine. I've been thinking a lot about uses for
> x=, and some of them might allow someone to game DKIM against other
> parts of a mail filtering system. And yes, I know that this comes
> close to conflating SHOULD-implement vs. SHOULD-deploy, but I would
> not think ill of an implementor whose decision was "I don't
> understand it well, so I'm not implementing it," which is the
> antithesis of SHOULD.
The jabber chat concluded MAY...
There is also a downside ignoring x= when forwarding mail. Safe
solutions for this involve changing the way MTAs operate. Gaming is
also possible when not paying attention, especially when invalidated
signatures offer a basis for rejection. When this happens down-
stream, MTAs not paying attention will be left dealing with DSNs.
-Doug
More information about the ietf-dkim
mailing list