It appears that Bron Gondwana  <[email protected]> said:
>If a header field is not signed by the current instances, then it can be
>assumed to be blank in all previous instances.  Any instance signing a header
>field which was not signed by the previous instance is assumed to be adding
>it; and receiving systems MUST NOT assume it was present before.

More than that, receiving systems MUST assume it was NOT present before.

>I believe this is actually sufficient for good security, it doesn't mandate
>that any instance sign ANYTHING in particular, only the things for which it
>requires attribution.  And of course if you modify anything which was signed
>by ANY previous instance, you have to provide the algebra to convert back to
>the value it had.  Those algebras don't need to be signed because they either
>work or they don't.

It does mean that if there's an existing signature that doesn't include a
header in the signature, you can't sign that header either, whether or not
you change it.

Or is the idea that if you're the first to sign it might or might not have
been present before but recipients can't tell and so don't care what it used
to say?

R's,
John
