[ietf-dkim] Re: ISSUE: Better definition of
"DKIM signing complete" required
nobody at xyzzy.claranet.de
Sun Nov 26 02:27:48 PST 2006
Eliot Lear wrote:
> If you want issues opened, please include "new issue" in the subject,
I used "ISSUE:" as subject tag triggering #1398, therefore I sticked
to what worked in <http://permalink.gmane.org/gmane.ietf.dkim/6566>.
> Please include at least something more descriptive than the above so
> people understand what precisely the issue is.
The issue is Alice with an "I sign everything" SSP. Bob resends her
mail, he has no clue what SSP and DKIM are, his MUA also doesn't know
it, and maybe his ISP removed Alice's signature at the MDA (proposed
by Doug as naive anti-replay strategy some months ago).
Would the next hop check Alice's SSP (ignoring Bob's Resend-* header
fields) and reject Bob's mail, if Alice's signature didn't survive
the resending ? Or if her signature is too old.
A related question is "what is a 'sender' in paragraph 4 of 4.1 ?",
if you think it should get its own ticket it's okay.
More information about the ietf-dkim