Dave Crocker writes: > Hence this is merely the case of two, competing signatures and deciding > which to choose.
An invalid DKIM signature should not be treated differently from the absence of that signature. I'm not sure about the intended precise technical interpretation of that clause, but I suspect that some (many?) verifiers will simply drop it from further consideration. In spoofed messages either the content-covering DKIM signature will be invalid, or it will be missing. So the valid signature matching -Delegate is indeed weak (authenticates little content), but *there is no competing signature*. I don't know if that matters to your argument. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
