On 10/17/2017 03:28 PM, Dimitri Maziuk wrote: > On 10/17/2017 04:40 PM, Grant Taylor via Mailman-Users wrote: >> On 10/17/2017 03:22 PM, Mark Sapiro wrote: >> >>> In other words, an invalid DKIM signature SHOULD be treated no >>> differently from no signature. >> >> Fair enough. > > Why? If this message doesn't match its signature, then it has been > altered in transit for sure. If were not signed, like when I post from > home (because I can't be arsed to set gpg up on winderz), then there's > no telling if it was or wasn't. One of those things is quite a bit not > like the other.
Why? Because that's what the DKIM standard, RFC 4871, says. You have a point, but to be safe you should assume that unsigned mail has been altered and if it's important, insist on some kind of cryptographic verification. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org