----- Original Message ----- From: "Tony Hansen" <[EMAIL PROTECTED]>
> The message corpus found on dkim.org contains messages > with illegal expirations like "x=-1019102801;". > > I'll be correcting these in the revised corpus I'm working on. > > However, there is a question for the base spec: what should be > done when faced with an invalid expiration date such as that? > Ignore it? Treat it as a signature failure? Treat the message > as always expired? This isn't like the old days where a sites machine is using the wrong HELO domain or isn't using brackets Domain literals or there a space after the MAIL FROM:, etc, and we have all sorts of relaxations. Poor form *must* be a major part of the protection. Our implementation will be to reject all illegal DKIM implementations, the form, the syntax, etc - regardless of any relaxed DKIM specification or recommendation and especially of any accreditation system saying otherwise including augmented fee-based tokens. We would not recommend it to be a great idea to start something "new" with relaxed provisions for broken implementations - that 80% of the problem today. It should not be expected behavior. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://dkim.org/ietf-list-rules.html
