On Jun 2, 2009, at 2:10 PM, Paul Russell wrote: > Ah! I have a less-than-complete understanding of the current > specification. Why does the current specification allow the signer > to specify an arbitrary value for l=, rather than requiring the > value of l= to be the actual length of the message body at the time > the message is signed?
There are cases where a receiving MTA or delivery agent will append a notification to incoming messages. For example, when the DKIM signature is checked after being forwarded and the i= parameter has been used, appended notifications will not affect the signature verification process. Appended portions of a message will need to be annotated differently, in the same manner unsigned headers should also be annotated differently. Proper annotation may require greater annotation flexibility, or perhaps creation of message copies containing only signed information. How messages are annotated is beyond the scope of the DKIM specifications. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
