[ietf-dkim] Re: dkim-base-01 nits and semi-nits
Jim Fenton
fenton at cisco.com
Mon May 1 16:59:18 PDT 2006
Eric Allman wrote:
>> My only concern is to ensure we're not prescriptive to a
>> verifier. Anywhere we say "reject" probably should be changed to
>> "treat as unsigned" as long as there is no implication one way or
>> the other as to what a verifier does with that "is verified" or "is
>> not verified" knowledge.
>
> At some level I agree with you. But saying "treat as unsigned" is
> just as prescriptive as "reject" --- either is telling the verifier
> what to do. As a verifier, I may want to just outright reject all
> messages that have unsigned content. It's probably not a good idea,
> but someone somewhere will want to do it someday.
"Treat as unsigned" seems a little ambiguous when there might be
multiple signatures. It might be interpreted as "treat the message as
though it is completely unsigned" as opposed to "consider this signature
invalid" which I think is your intent.
-Jim
More information about the ietf-dkim
mailing list