Eric Allman wrote:
>
> --On November 8, 2006 12:05:07 AM +0200 Pekka Savola
> <[EMAIL PROTECTED]> wrote:
>
>> ==> what is the expected verifier's behaviour if one or more of
>> these MUST/MUST NOTs doesn't hold? AFAICS, that hasn't been
>> specified, at least not very clearly. Should it be?
>
> This is already covered in (e.g.) 6.1.1:
>
>     Implementers MUST meticulously validate the format and values
>     in the DKIM-Signature header field; any inconsistency or
>     unexpected values MUST cause the header field to be
>     completely ignored and the verifier to return PERMFAIL
>     (signature syntax error). Being "liberal in what you accept"
>     is definitely a bad strategy in this security context.

One clarification to this for Pekka, in case he missed it: Section 3.2:

    Unrecognized tags MUST be ignored.

Tony Hansen
[EMAIL PROTECTED]
_______________________________________________
Ietf mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/ietf
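
The two rules quoted in this thread (strict validation ending in PERMFAIL, and unrecognized tags being ignored) can be seen side by side in a small tag-list checker. This is an added example, not code from the thread or from any DKIM implementation; the function name and sample values are constructed, and the required and defined tag names and the PERMFAIL reason strings are assumed from the published DKIM specification (RFC 6376), not taken from this message.

```python
import re

# Assumption: required and defined tag names as listed in RFC 6376, not in this thread.
REQUIRED = ("v", "a", "b", "bh", "d", "h", "s")
KNOWN = set(REQUIRED) | {"c", "i", "l", "q", "t", "x", "z"}
NUMERIC = ("l", "t", "x")
TAG_NAME = re.compile(r"[A-Za-z][A-Za-z0-9_]*\Z")
DIGITS = re.compile(r"[0-9]+\Z")


def check_dkim_signature(value):
    """Return ("OK", tags) or ("PERMFAIL", reason) for a DKIM-Signature value."""
    specs = value.split(";")
    if specs[-1].strip() == "":
        specs.pop()                        # one trailing ";" is permitted
    seen = {}
    for spec in specs:
        name, sep, val = spec.partition("=")
        name = name.strip()
        if not sep or not TAG_NAME.match(name) or name in seen:
            # malformed tag-spec or duplicate tag: the whole field is invalid
            return "PERMFAIL", "signature syntax error"
        seen[name] = "".join(val.split())  # drop folding whitespace
    # Section 3.2: unrecognized tags are ignored, not treated as errors.
    tags = {k: v for k, v in seen.items() if k in KNOWN}
    for name in REQUIRED:
        if name not in tags:
            return "PERMFAIL", "signature missing required tag"
        if tags[name] == "":
            return "PERMFAIL", "signature syntax error"
    if tags["v"] != "1":
        return "PERMFAIL", "incompatible version"
    if any(n in tags and not DIGITS.match(tags[n]) for n in NUMERIC):
        return "PERMFAIL", "signature syntax error"
    if "from" not in tags["h"].lower().split(":"):
        return "PERMFAIL", "From field not signed"
    return "OK", tags


# Constructed sample values (not real signatures).
BASE = "v=1; a=rsa-sha256; d=example.org; s=sel1; h=From:To:Subject; bh=Zm9v; b=YmFy"
SAMPLES = {
    "unknown tag": BASE + "; zz=future-extension",
    "duplicate tag": BASE + "; d=example.net",
    "missing bh": BASE.replace(" bh=Zm9v;", ""),
    "bad expiry": BASE + "; x=tomorrow",
    "From unsigned": BASE.replace("From:", ""),
}

if __name__ == "__main__":
    for label, value in SAMPLES.items():
        print(label, "->", check_dkim_signature(value))
```

Only the first sample verifies as OK: an unknown tag name is dropped silently, while a recognized tag with a bad value or a structural fault discards the whole header field.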