On Thu, Jul 13, 2006 at 04:00:18PM -0400, Eric Allman allegedly wrote: > I've heard some discussion the last couple of days that we should > drop the MUST for signing originator headers and Resent-* blocks, > since this isn't an interoperability issue (but is perhaps a > usefulness issue). This is, in some sense, dictating policy instead > of being confined to mechanism, which we've been assiduously > avoiding. Viewed that way, it seems inappropriate to have this > requirement. > > Of course, a verifier would be completely within reason to ignore > signatures that didn't sign the From header, but that's up to them. > > If we can get a very quick consensus I can get this into base-04 > (which is going to be submitted today come hell or high water --- oh > wait, that was Dallas). It seems consistent with the other changes > we've been making, which is why I have some small hope we can get > this through in just a couple of hours.
+1 Mechanism vs policy is a good argument. As you say, let the receiver apply their policy as they see fit. Mark. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
