On 10/6/2010 9:17 AM, John R. Levine wrote: > Is it DKIM's job to make the verification fail, or is it an MUA's job to do > something reasonable with malformed messages?
At one level, that's merely an implementation choice. At another level, it is a question of whether conformance enforcement MUST occur at all. The discussions have tended to assume that it MUST occur, by virtue of the DKIM requirement for 'conformant' messages. Steve's point cleverly suggests that DKIM itself can dodge the issue by -- once again -- having things simply rest on verification outcome. I find the simplicity and sufficiency of Steve's point pretty darn appealing. To emphasize: It's sufficient because it focuses on DKIM's actual goal and does not expand that scope. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html