What the recipient does with the data is out of scope. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Michael Thomas > Sent: Friday, October 14, 2005 9:43 AM > To: John R Levine > Cc: [email protected] > Subject: Re: [ietf-dkim] Re: dkim service > > John R Levine wrote: > >>>message has three sigs from Able, Baker, and Charlie (in > that order > >>>if you care about order.) Able and Charlie verify, Baker > doesn't. > >>>Now what do you do? > > > > > >>I have come to the conclusion that you just need to behave > as if Baker > >>isn't there at all. If you treat the message more > favorably, people > >>will insert bogus signatures to make that happen. If you treat the > >>message less favorably, you risk penalizing a message that got > >>modified in transit, or in this case possibly signed by a > defective intermediary. > > > > > > OK. Able is on your whitelist. Charlie is on your > blacklist. Now what? > > Why do we care? Is there a problem if two different receivers > take different actions? How does this differ from today where > this situation is perfectly possible? > > Mike > _______________________________________________ > ietf-dkim mailing list > http://dkim.org > >
_______________________________________________ ietf-dkim mailing list http://dkim.org
