(Sorry if what I say has been said, catching up on list mail) On January 18, 2006 at 16:53, Eliot Lear wrote:
> * Some guidance will need to be given about protection of the > "Subject:", "Sender:", and any other headers that are protected. > This goes beyond mailing list maintainers. If the signing domain > protects either, then the mailing list system should be reticent > to make changes. But should the signing domain sign these things > in the first place? Mutation of header fields can be dealt with if the signer is able to save the contents of the fields it signs, and those saved versions are what is used during verification. Verifiers can then restore the save versions if verification passes. Currently, DKIM does not support this, and the saving capibility is limited. You do get into problems if multiple signatures exist where a given header field is different for each saved version for each signature. Such descrepencies could be dealt with if role information is provided. --ewh _______________________________________________ ietf-dkim mailing list http://dkim.org
