On 10/3/2015 10:08 AM, John R Levine wrote:
> I suppose the version bump to v=2 is an open issue, but I don't really
> see what the problem is.  Since the current spec says that unknown tags
> are ignored, there's no way to add mandatory tags without a version
> bump.  I believe when this came up before, people looked at common DKIM
> libraries including yours, the perl and python ones, and found that the
> current code would all fail a v=2 signature, so the version bump should
> do what we want it to.


Claiming that something is mandatory, as part of a version bump, is
meaningless, when the installed base will be using the older version and
ignoring the supposedly-mandatory new feature.

If the installed base can legally ignore a new feature, then it is not
mandatory.

The only way to make a feature mandatory in a new version is to provide
it in a fashion that makes it only available to folks adhering to the
new set of mandatory features.[*]

     FWIW, this is equivalent to saying that adding new
     mandatory features is equivalent to creating a new
     protocol.

So if you want to modify DKIM to change the set of mandatory features,
then specify that the signature use a /different header field name/,
such as DKIM-Signature2.  Only adherents to the new scheme will see this.

If the signer wants legacy folk who only understand older DKIM to also
be able to evaluate a signature, then the signer needs to create two
signatures.

Things get easier if you make the new feature optional, in which case
you don't need a version number...

d/


[*]  There's an exception that takes a long time, which is to start
by making the feature initially optional, then waiting for it to gain
massively widespread adoption, then issuing a declaration that it is now
mandatory.

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
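
Editorial illustration of the three options discussed in this message, added here and not code from either participant or from any DKIM library. It models only how a verifier written to the current spec selects header fields and handles tags (unknown tags ignored, `v=` must be `1`); the `xm` tag and all sample header values are hypothetical and constructed.

```python
# Added illustration: models header selection and tag handling only, no crypto.
# RFC 6376 tag names a legacy verifier recognises in a DKIM-Signature field.
KNOWN_TAGS = {"v", "a", "b", "bh", "c", "d", "h", "i", "l", "q", "s", "t", "x", "z"}

def parse_tag_list(value):
    """Split a DKIM tag-list ("name=value; name=value") into a dict."""
    tags = {}
    for part in value.split(";"):
        if part.strip():
            name, _, val = part.partition("=")
            tags[name.strip()] = val.strip()
    return tags

def legacy_view(headers):
    """For each (field_name, value), return (field_name, outcome, ignored_tags)
    as a verifier written to the current spec would treat it."""
    results = []
    for name, value in headers:
        if name.lower() != "dkim-signature":
            # A different field name is invisible to the legacy verifier.
            results.append((name, "not-seen", []))
            continue
        tags = parse_tag_list(value)
        if tags.get("v") != "1":
            # Any version other than 1 is rejected before tags are examined.
            results.append((name, "permfail-incompatible-version", []))
            continue
        ignored = sorted(set(tags) - KNOWN_TAGS)
        results.append((name, "evaluated", ignored))
    return results

# Constructed sample header values; "xm" is a hypothetical new tag.
COMMON = "a=rsa-sha256; d=example.org; s=sel; h=from:subject; bh=AAAA; b=BBBB"
SAMPLES = {
    "new tag, no bump": [("DKIM-Signature", "v=1; xm=required; " + COMMON)],
    "version bump": [("DKIM-Signature", "v=2; xm=required; " + COMMON)],
    "new field name, dual signed": [
        ("DKIM-Signature2", "v=1; xm=required; " + COMMON),
        ("DKIM-Signature", "v=1; " + COMMON),
    ],
}

if __name__ == "__main__":
    for label, headers in SAMPLES.items():
        print(label, "->", legacy_view(headers))
```

Only the first case has the legacy verifier evaluating a signature while discarding the new tag; the other two keep the new semantics away from code that does not understand them.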
