[ietf-dkim] Issue 1579: ADSP result set, New issue: ADSP status codes

[John Levine]

>| But *FWS is flat out wrong (reported as DKIM erratum).

Ah, you want [FWS] rather than *FWS.

>See <http://rfc-editor.org/errata_search.php?eid=1461>

I see it, but I also see that nobody has confirmed it.  If the DKIM
authors agree it's a mistake, then we should change it.  Otherwise,
consistency wins.

>But for Resent-* the author domain has no authority over
>resenders.  Everybody is entitled to resend mail, years
>after it arrived.  ADSP claiming that such legit Resent-*
>scenarios are "discardable" is a process failure.  This
>means "DO NOT PUBLISH", not "mission creep".

Um, I think this might be a good time to review what DKIM is and
isn't.  It's intended to protect messages in transit, not in archives.
Umpteen years later, with or without Resent headers, the signing key
is unlikely still to be in the DNS, so any process that depends on
verifying DKIM on old messages won't work.  ADSP doesn't change that.

R's,
John