[ietf-dkim] Output summary - proposing ODID "Originating Domain Identity"
Michael Thomas
mike at mtcc.com
Wed May 4 11:10:09 PDT 2011
On 05/04/2011 11:03 AM, Murray S. Kucherawy wrote:
>> -----Original Message-----
>> From: Michael Thomas [mailto:mike at mtcc.com]
>> Sent: Wednesday, May 04, 2011 10:54 AM
>> To: Murray S. Kucherawy
>> Cc: dcrocker at bbiw.net; ietf-dkim at mipassoc.org
>> Subject: Re: [ietf-dkim] Output summary - proposing ODID "Originating Domain Identity"
>>
>>
>>> The advice that a verifier can ignore the "l=" tag was in RFC4871, so
>>> copying it to RFC4871bis doesn't seem like a problem to me.
>>>
>> You can't ignore the *tag*. That's the normative change. Whether you
>> ignore the *output* is another matter. But of course you can't ignore
>> the output because l= is "internal". Yet another problem.
>>
> But RFC4871 also said you could ignore the tag, so I don't understand the distinction you're making.
>
Like I said, i only looked at this for a few minutes -- 4871 is wrong or
sloppy
here too. But my other objection still stands: with the procrustean "output"
as it stand right now, an upper level entity would not be able to ignore
signatures with l= because that's "internal".
Mike
More information about the ietf-dkim
mailing list