On 7/8/2011 6:54 AM, Murray S. Kucherawy wrote: > That's not part of what DKIM tells an assessor, nor is the list of signed > header fields, so I don't see why that would be a useful thing to highlight. > For example, if a message contains two Subject: fields, the assessor doesn't > know which was signed; could be neither. It still gets an SDID out of the > verification and nothing more (possibly not even that if the signature > failed).
It simply is not productive to pursue terse, abstract claims of threats, absent detailed technical description, detailed explanation of how it is relevant to DKIM, and some indication of concern for that threat among a range of people The main effect of responding to isolated, terse concerns is to create a record that can be read as giving credence to those threats. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
