> -----Original Message-----
> From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of John R. Levine
> Sent: Thursday, October 14, 2010 7:59 AM
> To: dcroc...@bbiw.net
> Cc: DKIM List
> Subject: Re: [ietf-dkim] layer violations, was detecting header mutations after signing
>
> If allowing through modified messages that render very differently
> isn't broken, shouldn't we remove the advice against signing with l=0?
> The advice in favor of signing Subject: and To: fields? None of those
> has any technical effect on the ability of a verifier to compute and
> compare hashes.
>
> If not, what's the difference, other than the fact that we thought of
> some of them several years ago and just noticed these last week?

The difference is that the Subject:, To: and l= advice don't dabble in the area of having to tell a DKIM implementer to enforce parts of other protocols. Adding a second From: makes the message format illegal. The other ones don't.
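
The distinction drawn in the reply above, as an added example that is not part of the original thread: a receiver-side audit that reports RFC 5322 format violations (such as a second From:) separately from the DKIM signing-advice items (l=, unsigned Subject:/To:). The function names, the sample message and its addresses are constructed for illustration, and no signature is verified.

```python
from email import message_from_string

# RFC 5322 section 3.6 allows at most one occurrence of each of these fields.
SINGLETON_FIELDS = ("from", "to", "subject", "date")

# Constructed sample: two From: fields, l=0, Subject:/To: missing from h=.
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\n"
    " h=from:date; l=0; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: alice@example.com\n"
    "From: mallory@example.net\n"
    "To: bob@example.org\n"
    "Subject: hello\n"
    "Date: Thu, 14 Oct 2010 07:59:00 -0000\n"
    "\n"
    "body\n"
)

def parse_dkim_tags(value):
    """Split a DKIM-Signature field value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def audit(raw):
    """Return (format_violations, signing_advice_findings) for one message."""
    msg = message_from_string(raw)
    violations, advice = [], []
    # Message-format layer: duplicates make the message illegal per RFC 5322.
    for field in SINGLETON_FIELDS:
        count = len(msg.get_all(field, []))
        if count > 1:
            violations.append(f"{count} {field.title()}: fields (RFC 5322 allows one)")
    # DKIM layer: legal messages whose signature leaves content uncovered.
    for sig in msg.get_all("DKIM-Signature", []):
        tags = parse_dkim_tags(sig)
        signed = [h.lower() for h in tags.get("h", "").split(":")]
        if "l" in tags:
            advice.append(f"l={tags['l']}: body hash covers only that many octets")
        for field in ("subject", "to"):
            if field not in signed:
                advice.append(f"{field.title()}: not listed in h=")
    return violations, advice

if __name__ == "__main__":
    print(audit(SAMPLE))
```
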