On 04/06/2011 10:53 AM, Murray S. Kucherawy wrote: > >> Having cross semantic correlation of what headers mean with the >> presence of dkim signatures from various different signers seems >> like a lot more of layer violation to me. >> > That a DKIM hash covers a header field doesn't assign any new meaning to the > field. It only guarantees its integrity. >
But that's the basic problem with the approach that Steve laid out: we don't enforce any semantics about why a signer signs something. Doing so would open a large can of worms. Limiting new additions to the dkim header itself at least would limit the problem of adding new semantics of a signature header to exactly the entity doing the signing. The alternative would be very squirrelly when you think of the general case of multiple signers in the path. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html