On 07/23/2012 06:13 AM, Barry Leiba wrote: >> That customer brought up an interesting point. "t=y" could also be useful >> for messages whose signatures do verify. Specifically, it could be used by >> a signer to say "It's possible this message shouldn't have been signed by >> us. Please don't give it any preferential treatment based on our name's >> reputation if the signature verifies, which could then tarnish our >> reputation." > > But more to the point, it seems that this isn't a specific "we're > testing our system" issue, but a separate issue related to reputation: > "Do not use signatures made with this key as input to your evaluation > of our reputation." It would seem best to propose a new tag, in a > DKIM extension, for that purpose, rather than re-using and overloading > t=. >
There seems like there are many things wrong with this sort of "helpfulness". If a given selector is dodgy, the reputation system should figure that out for itself. Believing even a vaguely positive-assertion from the source is almost certainly a mistake, and likely to be gamed if you do. Mike Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
