> -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Scott Kitterman > Sent: Thursday, July 07, 2011 6:32 AM > To: [email protected] > Subject: Re: [ietf-dkim] Final update to 4871bis for working group review > > I'm working with someone on an implementation and I think we're going to > assume one more From than listed in h= when verifying to ensure nothing has > been added.
This intentionally causes the verifier to assume what the signer really meant when it signed a message using a single From: field. That may look safe but it isn't what DKIM actually says. We might do this for libopendkim somewhere down the line, but it would default "off". In any case, interesting idea. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
