On 21/Oct/10 17:47, John R. Levine wrote: >> If Big-Bank had been added after signing, verifiers are already >> authorized to delete that field from the message, according to the >> current PS. Isn't that enough? > > I don't know any DKIM verifier that modifies the message, and I doubt > that many people would want to use one.
Adding and removing Authentication-Results is probably the most common modification. Removing header garbage may also be fairly popular, dunno. Why do you think it's bad? At any rate, the paragraph I was referring to is The verifier MAY treat unsigned header fields with extreme skepticism, including marking them as untrusted or even deleting them before display to the end user. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html