----- Original Message ----- From: "Michael Thomas" <[EMAIL PROTECTED]> To: "Paul Hoffman" <[EMAIL PROTECTED]>
>> If MUAs are not supposed to be validating messages, then we >> need to change the -base spec in many places. > > You can't have both ways: either signatures are valid essentially > forever -- which is what would be required for MUA's to reliably > validate signatures -- or they aren't. MUA's that happen to be > able to read the message within "transport" time are perfectly at > liberty to validate messages -- no restrictions at all. But that's > a much different proposition than saying that they will be able to > validate them whenever they get around to reading them. That is not > the problem we set off trying to solve. You can have it both ways with the proposed change to use the message reception time: dynamic verification -> msg reception time = current time delayed verification -> msg reception time = 2822.Received: time This resolves the question on whether the expiration tag may be used to invalidate an already stored message based on the current time. See http://mipassoc.org/pipermail/ietf-dkim/2006q2/003134.html -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
