John R Levine writes:

 > d) Versions are cumulative.  Every signature that is a valid version N 
 > signature is still a valid version N+1 signature, give or take the change 
 > in the b= hash due to the version bump.

I think this is unnecessarily restrictive.  It's unnecessary because a
verifier that wants to handle multiple versions can always incorporate
a routine per version.  It's restrictive because a later version might
want to disavow an earlier version.

For example, v2 might REQUIRE that signatures enforce the RFC 5322
limit of one on From, To, Cc, and Message-ID, which would be
incompatible with v1 signatures that don't do so.  (Don't take that
example too seriously.  Use of "cumulative versions" requires
demonstrating nonexistence, or at least "nonimportance", of *any*
example of desirable incompatibility.)

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
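
The "routine per version" design from the message above, as an added example that is not part of the original post or of any DKIM implementation. `v=2` and its one-occurrence rule are the hypothetical from the message, every function name and the sample message are constructed here, and cryptographic verification of `bh=`/`b=` is omitted.

```python
from email import message_from_string

# Headers the message's hypothetical v2 would limit to one occurrence.
SINGLETONS = ("From", "To", "Cc", "Message-ID")

def parse_tags(value):
    """Split a DKIM-Signature tag list ("v=1; d=example.org; ...") into a dict."""
    tags = {}
    for item in value.split(";"):
        name, sep, val = item.partition("=")
        if sep:
            tags[name.strip()] = val.strip()
    return tags

def check_v1(msg):
    # v1 routine: places no limit on header counts.
    return True, "v1: header counts not checked"

def check_v2(msg):
    # Hypothetical v2 routine: refuse messages with repeated singleton headers.
    dups = [h for h in SINGLETONS if len(msg.get_all(h, [])) > 1]
    if dups:
        return False, "v2: duplicated " + ", ".join(dups)
    return True, "v2: singleton headers ok"

# One routine per version; nothing forces v2 to accept what v1 accepts.
ROUTINES = {"1": check_v1, "2": check_v2}

def structural_check(raw):
    """Dispatch on v= and run that version's pre-crypto checks only."""
    msg = message_from_string(raw)
    sig = msg.get("DKIM-Signature")
    if sig is None:
        return False, "no DKIM-Signature"
    routine = ROUTINES.get(parse_tags(sig).get("v"))
    if routine is None:
        return False, "unsupported version"
    return routine(msg)

def sample(version, extra_from=True):
    # Constructed message; the b= value is a placeholder, not a real signature.
    lines = [f"DKIM-Signature: v={version}; a=rsa-sha256; d=example.org; "
             "s=sel; h=from:to; b=CONSTRUCTED",
             "From: alice@example.org"]
    if extra_from:
        lines.append("From: someone-else@example.net")
    lines += ["To: bob@example.com", "Message-ID: <1@example.org>", "", "body"]
    return "\n".join(lines)
```

The same two-`From` message passes the v1 routine and fails the v2 routine, which is the incompatibility a "cumulative versions" rule would forbid.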