Hector Santos wrote:
>>>>> "! All mail from the entity is signed; Third-Party
>>>>> signatures SHOULD NOT be accepted in lieu of an
>>>>> entity signature
>> Yes, that's what it's supposed to mean.
> So in other words, for the EXCLUSIVE (o=!) policy.
> DO NOT ACCEPT IF AN OA SIGNATURE IS MISSING.
> DO NOT ACCEPT IF A 3RD PARTY SIGNATURE IS PRESENT.
Only the first DO NOT. The second DO NOT is unnecessary and
potentially harmful. What if the author is forced to send
via a route where a 3rd party routinely adds its signature
without caring about SSP ?
What if the receiver forwards his mail to another MRN, and
his clueless forwarder always adds a 3rd party signature ?
The important point is the first DO NOT. the second would at
best save you (as the checking receiver) a few lines of code.
Bye, Frank
_______________________________________________
ietf-dkim mailing list
http://dkim.org
