[ietf-dkim] Accidental versus malicous error
deepvoice at gmail.com
Thu Dec 20 18:15:41 PST 2007
> Under the default SSP policy (UNKNOWN or OPTIONAL signing), a bad
> signature promotion to NONE will validate the message as it never
> occurred. The same will occur when a domain has a ALL|STRICT policy but
> the verifier does not support SSP. Of course, opinion may vary, to me,
> I stand by the idea that is not a demotion of state, but rather a
You know me as a logical person that can persuaded into understanding
something that I might have disagreed with in the past and we usually
think alike. In this case, I am really trying to figure out how
promotion from BAD to NONE doesn't break ALL and promotes to STRICT.
Because a good or bad a signature is a signature whereas promoting a
BAD signature to NONE fails ALL and therefor promotes ALL to STRICT.
I realize in the real world we would likely promote BAD to NONE
~after~ the validation, but if we are going to do that way, then I
would like to see wording as such in the draft. With this in place, I
would not have an issue with it.
More information about the ietf-dkim