* Bill Cole: > There's no need to watch, if you can imagine what it would look like > from the description in the specification of how to include non-existent > headers in a signature.
I'm aware of RFC 4871 section 5.4. "The From header field MUST be signed", so here's where signing non-existing headers is of interest. Sender does not need to be signed if it does not exist. "signing fields *present* in the message such as Date, Subject, Reply-To, Sender, and all MIME header fields are highly advised." (my emphasis). Signing a non-existing Sender header to prevent a ML from adding it is bull in my opinion, and who does that should not complain. -Ralph
