----- Original Message -----
From: "Dave Crocker" <[EMAIL PROTECTED]>

> Hmmm. Come to think of it, I'm inclined to interpret the Postel
> dictum as meaning that a broken signature (for whatever reason) is
> the same as no signature. Pretend it wasn't there.
>
> That's the most robust (liberal) handling by the validator.
>
> So maybe DKIM has remained within the fold.

Dave,

The Wolves (Bad Actors) will lick their chops with that interpretation, and have.

"Postel's Law": "be conservative in what you do, be liberal in what you accept from others" (often reworded as "be conservative in what you send, be liberal in what you receive").

http://en.wikipedia.org/wiki/Postel's_Law

I've always interpreted this natural law philosophy to mean where there is an indeterminate decision, a resultant first based on everything being done as expected, you side with acceptance.

In the "good actor" world, the sender will tend to be correct without ambiguity, thus lowering confusion for the receiver. The expectation is you are doing things correctly. Where there is an indecision, you side with acceptance.

Of course, for DKIM, it should all depend on the "reason" for the breakage. In the case of a bad expiration attribute, that should be an immediate red flag for rejection with a high payoff, low false positives.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
