On Jun 1, 2009, at 8:23 AM, Barry Leiba wrote: > John says... >> Related question: whether or not you sign with l=, does anyone have >> any software that does anything with l= other than use it to decide >> how much of the body to check? Anyone seen an MUA that uses it to >> manage message display? A spam filter that uses l= in its secret >> sauce? Any use of l= at all? > > I think this is an important question for us to answer as we decide > what to do with it in 4871bis work, and I'd like to see some answers > either way (including "We don't sign with it.") I'd especially like > to hear what verifiers do if it's present and it doesn't cover the > whole message: what do you do with the part of the message past the > specified length? > > So, please, don't be silent on this thread. But also, please only > talk about what implementations *are doing*, not what they might > hypothetically do. Thanks.
If we see a message that's signed with l= then we treat it as unsigned right now. If l= usage becomes common we'll probably treat the case where l= the actual length of the message as validly signed and any other l= value as unsigned. We're not doing anything particularly clever with DKIM identities, though, just using them as a key to a domain based whitelist to enable some automated handling of inbound email (FBL handling, primarily) and enabling rendering email with risky renderers (html, pdf) by default Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
