On Wed, 25 Aug 2010 00:47:20 +0100, Hector Santos <[email protected]> wrote:
> Rolf E. Sonneveld wrote:
>
>> Although DKIM does not specify (as far as I know) what to do with DKIM
>> signatures in inner bodyparts, I think DKIM signatures should never be
>> removed without a good reason.
>
> If you believe this, then you have to advocate the removal of the RFC
> 4871 mandate regarding invalid signatures changing to no-signature
> status as if it never existed and the message was never signed.

Not so. A retained, but now invalidated, signature should have no effect on the behaviour of an assessment engine (well almost so - it might like some assurance that it HAD been signed previously before proceeding to consideration of the trustworthiness of the MLM's signature, but an A-R header would provide that).

No, the purpose of retaining that signature is primarily for forensics. Given that it is meaningless for protocol purposes for the reasons you gave, it cannot possibly do any harm. Destroying it would do some minor harm (hindering any forensic investigation). It would also frustrate geeks who might like to reconstruct the original signed message for verification purposes, but they are not the primary customers of any retention.

It is simply a matter of not destroying potentially useful evidence.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131   Web: http://www.cs.man.ac.uk/~chl
Email: [email protected]   snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9   Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
