Murray S. Kucherawy writes: > On Sat, Jun 14, 2014 at 11:53 PM, Stephen J. Turnbull <step...@xemacs.org> > wrote:
> > > > How about a new tag, "shf=" (special header fields). Ignored > > > by legacy verifiers, as required; otherwise, contains a > > > colon-separated list of fields that get special handling by > > > verifiers. "Special handling" depends on the header field and > > > would need to be documented in each case. For DKIM-Delegate, > > > for example, it is always canonicalized in a special way that > > > would cause the signature never to validate for a legacy > > > verifier. > > This seems to have it backwards though, because it's the presence of > > the DKIM-Delegate field that means one or more of the DKIM-Signature > > fields require special handling. > True, but I think that small bit of weirdness is fine in the face > of the token signature that would be misinterpreted and possibly > abused by legacy DKIM installations that don't know about new tags > or header fields. I don't understand. My point is that in the case of a token signature and one or more content-covering signatures, it is a nonempty proper subset of fields of the same DKIM-Signature type that need "special" treatment. How do you reliably distinguish a subset of fields with the same tag? Am I missing something? The DKIM-Delegate field is a different type. Of course its handling is special. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
