[ietf-dkim] Accidental versus malicious error
Charles Lindsey
chl at clerew.man.ac.uk
Fri Dec 21 04:33:17 PST 2007
On Fri, 21 Dec 2007 02:15:41 -0000, Damon <deepvoice at gmail.com> wrote:
> You know me as a logical person that can be persuaded into understanding
> something that I might have disagreed with in the past and we usually
> think alike. In this case, I am really trying to figure out how
> promotion from BAD to NONE doesn't break ALL and promotes to STRICT.
> Because a good or bad signature is a signature whereas promoting a
> BAD signature to NONE fails ALL and therefore promotes ALL to STRICT.
> I realize in the real world we would likely promote BAD to NONE
> ~after~ the validation, but if we are going to do it that way, then I
> would like to see wording as such in the draft. With this in place, I
> would not have an issue with it.

The interesting case is where the signature from the originator is present
but invalid (so maybe you treat it as absent like DKIM-BASE says). BUT
there is also a second valid signature from some mailing list
expander/forwarder/whatever (and maybe even an Authentication-Results to
say that the signature was fine on arrival at that list expander).

That is the point where the difference between ALL and STRICT comes into
play. STRICT indicates that the originator wishes you to discard such a
message regardless. ALL leaves you some discretion to keep it, dependent
on whether you trust the list-expander (maybe you can consult his
reputation).

--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5