[ietf-dkim] Collection of use cases for SSP requirements
wietse at porcupine.org
Fri Nov 17 07:18:01 PST 2006
> > My understanding is that DKIM-base can produce only two results:
> > signature verification succeeds or signature verification fails.
> > I may be mistaken, but it seems to me that expanding these two
> > results into >2 involves information outside DKIM-base.
> Part of the problem here, I think, is that it depends on who the result is
> for. From a forensics standpoint, broken signatures are clearly a lot
> different than no signature. For your average automaton, however, they
> *never* be taken as different if the difference leads to preferential
> of broken/none (or visa versa).
This is an excellent point. There is a wealth of additional
information. Once there is confidence that it is valid, it should
not be ignored.
But we have to be careful, or else we end up with a chicken and
My analysis takes the position of the automaton, and looks at what
information is available before we declare the wealth of additional
More information about the ietf-dkim