[ietf-dkim] Base issue: multiple linked signatures

[Charles Lindsey]

On Thu, 04 Jan 2007 12:23:54 -0000, Stephen Farrell  
<stephen.farrell at cs.tcd.ie> wrote:
>
> When we've a reasonable looking alternative, then we can ask the
> change/no-change question.

If you simply s/MUST NOT/SHOULD NOT/, then you are saying, in effect:

"When used for the purposes and in the manner envisaged when this standard  
was written, then signatures have no need to use this tag other than for  
diagnostic purposes. However, if some other purpose becomes apparent, or  
some other manner of achieving the needed security is proposed, then we  
have left open the possibility that this tag may play a part in it".

So SHOULD NOT is the minimal change. But you could as easily omit all  
MUST/SHOULD/MAY stuff and simply explain that "This tag is not intended to  
pay any part in the signature verification process when this standard is  
used for the purposes and in the manner envisaged. But it is not precluded  
that situations may arise where its use may provide security that could  
not have been achieved without it".

All of which is somewhat waffly, but it does not commit us to things we  
might regret. And, in any case, "MUST NOT" is not enforceable, and there  
is no interoperability problem that it prevents, and hence it is a breech  
of RFC 2119 to use it.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                       
   Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5