On 6/11/2014 4:15 PM, John Levine wrote: > So if you don't want people using unforwarded weak signatures > for reputation management, you need to put something into them so that > old clients don't accept them as signatures and ignore the t= tag. > Either call them something other than DKIM-Signature, or do a version > bump to v=2.
If a receiver cares about 'strength' (or perhaps robustness) of signatures, they should pay attention to that. This does not require changes to DKIM. Rather, it requires receivers being diligent. The issue has nothing to do with DKIM-Delegate. That is, -Delegate is not creating the issue. Signers have always been free to hash less or more of the message. So while -Delegate might be making the issue more salient, by making everyone more aware of it, the issue already existed. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
