On 11/7/2019 3:16 PM, Brandon Long wrote:
> On Thu, Nov 7, 2019 at 9:28 AM Dave Crocker <[email protected]> wrote:
>
>> On 11/6/2019 9:43 AM, Brandon Long wrote:
>>> What's more, the point of including Subject and other mutable headers is
>>> the same as it is for DKIM, those are the headers which are important to
>>> the receiver, so they should be validated.
>>
>> This being a technical list, I'm going to get picky and note that DKIM does not 'validate' those fields. There is a derivative data integrity benefit, between signing and validated, for such fields, but that is quite different from any claim that the contents of those fields are 'valid'.
>>
>> Some signing sites have much more stringent uses of DKIM than are provided by the standard. That's fine, of course, but it has nothing to do with the standard. Hence any receive-side reliance on such signer data validation is outside the DKIM standard.
>
> I should have said "covered by the signature". And I think they are important to both the sender and receiver, your DKIM RFC calls them "core to the message content" and so the "core of the message is valid"... which is different than validated, of course.

yeah. really unfortunate language. over the course of different DKIM docs, I kept finding language that needed to be /much/ better. Only some of it now is.
That's not one of them, since the context of that bit of text was meant to assert transit integrity rather than data 'validity'. sigh.

At least there is some comfort that that section makes clear its concern is replay protection, rather than semantic validity.

d/

--
Dave Crocker
Brandenburg InternetWorking
bbiw.net

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
