> -----Original Message----- > From: John Levine [mailto:jo...@iecc.com] > Sent: Wednesday, October 13, 2010 2:47 PM > To: ietf-dkim@mipassoc.org > Cc: Murray S. Kucherawy > Subject: Re: [ietf-dkim] detecting header mutations after signing > > >DKIM simply highlights an issue that's been there for a very long time > >now. > > No. No, no, no, no, no. Malformed messages only become an issue when > someone aserts that they're not malformed. In the absence of DKIM > signatures, the reasonable thing to do with a malformed message is to > render it. In the presence of a DKIM signature, the reasonable thing > is something else. That's why this is a DKIM issue.
Do Alpine or Thunderbird or whatever else do anything special now when a message is signed, whether or not the signature(s) pass or fail? Current modules that don't do the kind of enforcement people are demanding and that isn't exacerbating anything. When they add DKIM support in some way, I imagine those MUAs will become aware of the problem and do the "something else" you're talking about. I'm fine with providing some informative guidance about that to MUAs, but that's different than telling verifiers that they are required to enforce something that's not specifically within their scope. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html