On 08/03/2010 10:34 AM, Rolf E. Sonneveld wrote: > > <quote> > Changes that merely add new header fields, such as those specified by > [LIST-ID], [LIST-URLS] and [MAIL] are generally the most friendly to > a DKIM-participating email infrastructure in that their addition by > an MLM will not affect any existing DKIM signatures unless those > fields were already present and covered by a signature’s hash or a > signature was created specifically to disallow their addition (see > the note about "h=" in Section 3.5 of [DKIM]). The shortest path to > success for DKIM would be to mandate that all MLM software be redesigned > or re-configured with that goal in mind. > > However, the practice of applying headers and footers to message > bodies is common and not expected to fade regardless of what > documents this or any standards body might produce. This sort of > change will invalidate the signature on a message where the body hash > covers the entire entire message. Thus, the following sections also > investigate and recommend other processing alternatives. > > </quote>
That's not really answering my question, unfortunately. I'm asking what you intend to use the original signature's verification status for with the knowledge that you will have a non-zero false positive rate. We did our experiment with spear-phishing in mind: ie, can we tag mail purporting to originate from us with a bad/missing signature with an acceptable false positive rate. It was pretty close. I don't know what problem your proposal is intending to solve. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html