John Levine wrote: >> Parsing and dealing with the value in x= is probably easier code than >> doing the same with a date-stamp from a Received header. >> > > I think we all agree that t= is useful to have an easily parsed version > of the time the message was signed. > I have a lot more trouble understanding why t= needs to be kept than why x= needs to be kept. As a signer, I would much rather specify an expiration time for the signature than to specify the time at which it was signed than to have the verifier add a fudge factor to the signing time and use that as the expiration. On this list, I have already heard numbers between 1 and 2 weeks for the fudge factor, so the signer would really have no idea how long the signatures are valid.
In addition to Arvel's comment about the relative difficulty of parsing date/time out of Received headers, it's a really bad idea to do that because they're not signed. -Jim _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
