Stephen Farrell wrote: > don't we currently have a requirement in 5.3 that says: > 9. [PROVISIONAL] A signature that is not on behalf of the > RFC2822.From MUST NOT be construed as suspicious for the > purposes of The Protocol.
In the draft I read 5.3 (9) is completely different. Which version are you looking at ? The "requirements-00" apparently did not make it yet to the tools server and the DKIM page, to the tracker, or the "official" drafts directory. The copy I read has date 2006-08-08, and in that version the word "suspicious" appears only in section 6.1. > If that were to gain consensus (as I believe it ought, at > least since the alternative makes no cryptographic sense to > me) then would there still be a problem with Resent-* cases? No more problem with any always-signed-Resent-cases. But that eliminates 5.5 in the DSAP draft with a MUST NOT. Frank _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
