[ietf-dkim] t=y is ugly and critical tagsb
herzbea at macs.biu.ac.il
Mon Apr 24 23:35:34 PDT 2006
Small complaint: in draft-ietf-dkim-base-01.txt, the record (section
3.6.1) defines a `flags` tag identified by `t=`, with the only defined
value being `y`, standing for `testing DKIM, do not discard message even
if signature verification fails`.
I guess the original role for `t=y` was for `testing flag`, then
extended so that the same parameter can be used for future-defined
flags. Probably a good idea, but leaving the choices `t=y` is ugly (not
I know implementors will hate to change but I still think the spec
should adopt the menmonic `f=t` (for `flags=test`) instead...
Implementations can also support the old `t=y` tag to avoid glitches.
This should not cause a problem as the spec says to ignore any undefined
tags (in both key record and signature).
I'm actually concerned also about this. Suppose you need a new tag to
the key record or to the signature, and this tag is `critical` - the
signature or key record should _not_ be used by someone not aware of
this tag. This seems quite possible. We could support this pretty easily
by allowing marking of such critical tags, e.g. any tag beginning with
c- is critical (and if not recognized, entire signature or key record
should be ignored).
Nothing much.. Best, Amir Herzberg
More information about the ietf-dkim