[ietf-dkim] Re: Requirements comment: Bigbank example description
Frank Ellermann
nobody at xyzzy.claranet.de
Thu Aug 10 03:43:57 PDT 2006
Hector Santos wrote:
> Hope this provide some insight.
Yes. Following your pseudo-code I get "surprising" FAILs for
the Resent-* cases:
A signed mail with "strict" SSP is Resent-From Jou User. The
included original signature is valid, everxything works, UNLESS
Joe's mail service provider signs all outgoing mails. Then the
resent mail would have two signatures, one by Joe's provider,
and that second signature FAILs for a "strict" SSP.
That shouldn't happen, it's completely out of Joe's control.
Aa requirement that would be:
"The protocol" MUST be either compatible with "resent mail",
independent of the signing practices of a resending service,
or explicitly explain why and when that's expected to fail.
That would affect section 5 5 in the DSAP draft.
Frank
More information about the ietf-dkim
mailing list