>> I'm willing to accept a signature with l= so long as it covers the >entire message. I agree that partial coverage is not practically >distinguished from no coverage.
>I note you refer to /current/ --rather than possible or commendable-- >practice Sorry, I don't understand what you're trying to say. Partial body coverage allows all sorts of sneaky tricks that make the body presented to the user completely different from that the sender signed. l=0 screams "phish me", attach a fake body to a genuine signed set of headers. We hashed all this out in excruciating detail on this list a year or two ago, so please review the archives. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
