[ietf-dkim] chained signatures, was l= summary
John R. Levine
johnl at iecc.com
Fri May 29 14:22:11 PDT 2009
>> DKIM is too complicated as it is, and it strikes me as an extremely poor
>> idea to add yet more cruft to work around perverse situations that are as
>> yet (and probably always) entirely hypothetical.
> I don't understand what "cruft" you think I'm talking about.
Telling people that it is reasonable to add a chain of A-R headers to
messages with broken signatures, and expecting recipients to apply some
ill defined algorithm to decide how much they believe each level of
I would really like to remove l= from DKIM to make it clear that it is not
a good idea to even try to guess the history of a message based on
signatures that don't verify and cover the whole messag.
More information about the ietf-dkim