[ietf-dkim] list expanders (was Re: chained signatures, was l= summary)
mike at mtcc.com
Thu Jun 11 07:34:19 PDT 2009
J.D. Falk wrote:
> Michael Thomas wrote:
>> There is *NO* *REASON* to strip signatures. NONE.
>> In fact it is HARMFUL.
> You are clearly *VERY* *PASSIONATE* about this, but would you care to share
> the logic you used to come to this conclusion?
Well for starters, RFC4871 section 3.5:
The DKIM-Signature header field SHOULD be treated as though it were a
trace header field as defined in Section 3.6 of [RFC2822], and hence
SHOULD NOT be reordered and SHOULD be prepended to the message.
And from RFC2822 section 3.6:
More importantly, the trace header fields and resent
header fields MUST NOT be reordered, and SHOULD be kept in blocks
prepended to the message. See sections 3.6.6 and 3.6.7 for more
And then RFC4871 section 4.2 goes on to say:
Verifiers SHOULD ignore failed signatures as though they were not
present in the message.
So the better question is why you choose to violate the SHOULD's of
rfc4871 and rfc2822? SHOULD does not mean, "if I don't feel like it".
More information about the ietf-dkim