My only concern is to ensure we're not prescriptive to a
verifier. Anywhere we say "reject" probably should be changed to
"treat as unsigned" as long as there is no implication one way or the
other as to what a verifier does with that "is verified" or "is not
verified" knowledge.
Thank you. We keep confusing the base signing/validating specification
with larger policy uses of a signature.
We really need to keep the base specification a simple, narrow and
mechanical as possible.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html