>> Verifiers MUST NOT use the header field names or copied values >> for checking the signature in any way. Copied header field >> values are for diagnostic use only.
>1) This condition is ACTUALLY REQUIRED for interoperation? Well, yeah. If the verifier is a separate module from the one that sorts mail based on the verification result, the sorter is going to act differently with results from a strict verifier vs. a squidgy one. >2) This condition limits actual HARM? If we consider unwittingly accepting mail with bad signatures as harm, yes. I would prefer language along the lines of what I proposed last week, that the copied values are not for signature validation, but you can do whatever you want with them to decide what to do with a message whose signature didn't validate. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
