On 10/14/2010 07:58 AM, John R. Levine wrote: >> Perhaps surprisingly, having redundant header fields does not make >> DKIM break. > > We must have some vastly different definition of "break". > > If allowing through modified messages that render very differently isn't > broken, shouldn't we remove the advice against signing with l=0? The > advice in favor of signing Subject: and To: fields? None of those has > any technical effect on the ability of a verifier to compute and compare > hashes.
There is an enormous difference between the situations with DKIM and, say, TLS+X509. With TLS, you take the output of the checks and use THAT ALONE to decide to deliver the bits or not. DKIM has *never* been such a protocol: there is a vast backstop of security infrastructure where DKIM is a just helper. Like I said, give spam/phishing filter writers some credit. They are not idiots. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html