[ietf-dkim] Accidental versus malicous error
Damon
deepvoice at gmail.com
Thu Dec 20 18:23:26 PST 2007
> Hector,
>
> You know me as a logical person that can persuaded into understanding
> something that I might have disagreed with in the past and we usually
> think alike. In this case, I am really trying to figure out how
> promotion from BAD to NONE doesn't break ALL and promotes to STRICT.
> Because a good or bad a signature is a signature whereas promoting a
> BAD signature to NONE fails ALL and therefor promotes ALL to STRICT.
> I realize in the real world we would likely promote BAD to NONE
> ~after~ the validation, but if we are going to do that way, then I
> would like to see wording as such in the draft. With this in place, I
> would not have an issue with it.
>
> Regards,
> Damon Sauer
>
After re-reading what I wrote, I (like most people likely) went "Huh?"
What I would like to see is something that keeps the integrity of ALL
without promoting to NONE and some implementer pointing to the RFC
later and saying "See, I handled this message correctly because I
promoted the broken signature to NONE" in the case where a broken
signature met an ALL policy.
Maybe it is just too late at night. My wordsmith went home.
Regards,
Damon Sauer
More information about the ietf-dkim
mailing list