On Fri, 28 Apr 2006, Eric Allman wrote:
The z= tag is only supposed to be used for "diagnostic purposes", not for
computing the hash. Changing that would have major implications that we
would have to examine very carefully.
So if mail list changed Subject header field (and for purposes of this
question did not add other fields or changed content data) and there was
a signature in message before that contained original Subject in the 'z'
tag AND now message got to verifying agent - that agent is supposed
to say the signature is invalid rather then use data from 'z' tag to
attempt to verify the signature?
---
William Leibzon
Elan Networks
[EMAIL PROTECTED]
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
