On Fri, May 20, 2016 at 4:44 PM, Kurt Andersen (b) <kb...@drkurt.com> wrote: > On Fri, May 20, 2016 at 1:36 PM, Jim Popovitch <jim...@gmail.com> wrote: >> >> On Fri, May 20, 2016 at 4:15 PM, Steve Atkins <st...@blighty.com> wrote: >> > >> > DKIM is designed to support multiple signatures. There are many >> > operational >> > reasons why having two signatures may be useful (reputation & FBL, >> > reputation >> > migration, author and sender reputation, ...). >> > >> > Support for multiple signatures in MTAs has taken a while to show up, >> > for >> > reasons that don't really matter. >> > >> > Anyone flagging multiple signatures as problematic is probably clueless. >> >> >> It's not problematic, but since only 1 signature at a time can be >> validated any remaining sigs become basically untrusted ascii data. > > > That's not true at all. All signatures can be valid. The output from such > validation is a list of the signing (d=) domains. What decision(s) the > receiver makes on the basis of that list is entirely up to them.
I beg to differ. Who only signs the body and not the headers? -Jim P. _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
