On 6/11/2014 4:56 PM, John R Levine wrote: >> If a receiver cares about 'strength' (or perhaps robustness) of >> signatures, they should pay attention to that. > > It is my impression that the idea here is that a signature with t= isn't > interesting unless there's a matching signature with d=. Or did I > misunderstand that.
It is provided because there is a -Delegate enabled, yes. On the other hand, the concern that the token signature will get used when it shouldn't essentially means it is interpreted without awareness of -Delegate. Hence this is merely the case of two, competing signatures and deciding which to choose. That's a generic DKIM issue, and its resolution depends on the DKIM evaluation. > You are of course correct that senders have always been allowed to > create weak signatures, but until now there has been little incentive to > do so. Hence my citing 'salience'. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
