Ian Eiloart wrote: > On 23 May 2011, at 15:19, Hector Santos wrote: >>> But why skip? Usually the message won't be downgraded. And even if they >>> are, usually a broken signature will cause no harm. >> Thats the problem - define "usually" and also define "no harm."
> Well, harm will only be done when someone incorrectly punishes a > broken signature. They should not do that, Rhetorically, why not? Put another way, why should a receiver tolerate failure, or better, why should DKIM itself - the technology - tolerate failure? Sounds like DKIM has some inner soul turmoils - a devil on one shoulder and angel on the other. > so the damage is actually done by the recipient, not by the downgrading. Well, thats a difference in two reasonable mindsets - a receiver who views faults as part of the strength of securing a technology and a receiver who tolerates faults - accepts everything including one that are direct and indirectly created and passes the buck to end-users. I like to believe there exist a commonality where false positive deterministic methods can be use to detect violations of an authentication and integrity technology. Rhetorically, its all for nothing, why bother looking at how to fix C14H hashing, talk about content formatting downgrades when failure is tolerated and per specification, deliberately ignored? -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html