[ietf-dkim] Base issue: multiple linked signatures
John L
johnl at iecc.com
Thu Jan 4 09:24:46 PST 2007
>> Can you describe the algorithm to distinguish the cases where the original
>> value is fine from the cases where it's not?
>
> You took one line without additional context where I gave an example of users
> who have processing script to find mail lists based on subject tags.
We all have scripts like that. What do they have to do with DKIM
signature validation?
> BTW - Did you notice that we are talking about email cases where message
> passed through processing system that thought its ok to make modifications
> to the originator's header data before further delivery. So is the question
> you're asking when its ok to make further modifications to the same message?
Actually, that's not at all what I was talking about. I was asking how a
recipient system can algorithmically distinguish an upstream modification
that broke the signature but was "ok" from one that wasn't.
I think that we all agree that if the intermediate system re-signed the
message and we trust that signature, the message is OK. But the
discussion in progress is, as far as I can tell, about messages where an
intermediate system modified but did not re-sign.
R's,
John
More information about the ietf-dkim
mailing list