On Thu, 19 Jun 2008 01:56:43 +0100, Hector Santos <[EMAIL PROTECTED]> wrote:
> Why? Why put further confusion and ambiguity on receivers? Why further > perpetuate a continued recognition of a lower payoff in DKIM analysis? > Why make the life the support people or whoever trying to make heads or > tails if a header was indeed part of the original hashing and integrity > expected to be maintain? I can see it now - we will never know if a > SUBJECT or TO (which is not required by 2822) was part of the message or > not even if h= says there *might* be a header. IMV, domains will be > stupid to risk playing games that only adds confusion with an already > complicated concept - a strategy you should expect to see from DKIM > exploiters. Eh? If a message genuinely had no Subject header, but 'subject' was included in the "h=" tag, then that does not mean there "might be a Subject header". It means there was NOT a Subject header when it was signed, and if one gets added en route the verifier will report a DKIM falure, and rightly so. That would be DKIM working exactly as intended. -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email:[EMAIL PROTECTED]: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html