> -----Original Message----- > From: [email protected] [mailto:ietf-dkim- > [email protected]] On Behalf Of Murray S. Kucherawy > Sent: Tuesday, September 14, 2010 3:27 PM > To: DKIM List > Subject: Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review > > > -----Original Message----- > > From: [email protected] [mailto:ietf-dkim- > > [email protected]] On Behalf Of John R. Levine > > Sent: Tuesday, September 14, 2010 12:23 PM > > To: J.D. Falk > > Cc: DKIM List > > Subject: Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review > > > > >> How about: "It is important to us that this arrive at your inbox > > signed by us and unmodified. You should not keep it if that is not the > > case." > > > > Well OK. Now I'm hearing that it's the signature that's important, not > > the message. No disagreement there. > > Since the signature's success is predicated on [some part of] the body > being immutable in transit, are those distinct? > >
If someone cares enough to implement DKIM discardable I would be surprised if they weren't signing the entire message body. The message (stream overall) is important in the sense that the domain is trying to fend off abuse. That is a necessary precondition but not sufficient. The signature is important because that is how the legitimate (in the sense that it is signed by the domain and validates) is distinguished from the potentially illegitimate. The corpus of legitimate but failed to validate could be considered collateral damage if you will. It may be a high price but it is perceived as less than the damage of letting the illegitimate stuff through. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
