[ietf-dkim] Mailing lists and s/mime & dkim signatures - mua considerations
chl at clerew.man.ac.uk
Wed Aug 25 02:58:32 PDT 2010
On Wed, 25 Aug 2010 00:47:20 +0100, Hector Santos <hsantos at isdg.net> wrote:
> Rolf E. Sonneveld wrote:
>> Although DKIM does not specify (as far as I know) what to do with DKIM
>> signatures in inner bodyparts, I think DKIM signatures should never be
>> removed without a good reason.
> If you believe this, then you have to advocate the removal of the RFC
> 4871 mandate regarding invalid signatures changing to no-signature
> status as if it never existed and the message was never signed.
Not so. A retained, but now invalidated, signature should have no effect
on the behaviour of an assessment engine (well almost so - it might like
some assurance that it HAD been signed previously before proceeding to
consideration of the trustworthiness of the MLM's signature, but an A-R
header would provide that).
No, the purpose of retaining that signature is primarily for forensics.
Given that it is meaningless for protocol purposes for the reasons you
gave, it cannot possibly do any harm. Destroying it would do some minor
harm (hindering any forensic investigation). It would also frustrate geeks
who might like to reconstruct the original signed message for verification
purposes, but they are not the primary custimers of any retention. It is
simnply a matter of not destroying potentially useful evidence.
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-dkim