Hector Santos wrote: > ----- Original Message ----- > From: "Jim Fenton" <[EMAIL PROTECTED]> > > >> This points out another problem: if a verifier defers verification or >> acceptance of a given message, it SHOULD maintain enough state so that >> the message may be accepted after some number of retries, so that >> messages with key retrieval problems are not rejected entirely. >> > > Jim, > > Wouldn't that create a loophole? > If you mean, how would the verifier know how many deferrals are acceptable, you're right that's a problem. If the key can't (permanently) be retrieved, it's a signature verification failure, and not in general a reason to reject the message outright, so I don't consider it to be a loophole in that sense.
-Jim _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
