Barry Leiba wrote: > Just on one portion, here: > > On Thu, May 28, 2009 at 3:30 PM, Doug Otis<[email protected]> wrote: >> Some systems handle message attachments separately, and at times may exclude >> attachments. Eventually, a practice similar to DKIM should be established >> to separately encapsulate attachments. Once such a convention exists, >> separating message attachment hashes will better ensure textual portions of >> a message can be handled independently from that of message attachments. > > Hm. > I should think that the DKIM way to handle the removal of attachments > would be for the agent that remove the attachments to re-sign the > message after it does so.
Agreed. No matter which MIME part was affected, it's still a modification of the original message and thus invalidates the assertions inherent in the original signature. -- J.D. Falk Return Path Inc http://www.returnpath.net/ _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
