On Thu, May 5, 2011 at 12:54 PM, John Levine <[email protected]> wrote: >>Perhaps an intermediate approach would be to insert a sentence >>into the Security Considerations section that says, >>approximately, that if a message arrives at the MSA with a >>signature or any other sort of message integrity check, or the >>MSA is expected to apply one, any actions must be applied with >>extreme caution to ensure that the message that is sent out by >>the submission server contains information consistent with the >>message being sent. > > This is really a policy issue. If you get a message with 8bit > characters and a DKIM signature, and your outgoing channel is 7bit, do > you downcode it so you can deliver it, at the cost of breaking the > signature (which, according to DKIM rules, is not an error, but just > equivalent to no signature), or do you preserve the signature? It > depends.
right, so an implementation would offer a knob. > So I'd prefer noting that if a message is signed, the MSA should > consider what effect downcoding will have on the validity of the > signature, but not offer any advice about when to do what. I can live with this advice. -- Jeff Macdonald Ayer, MA _______________________________________________ yam mailing list [email protected] https://www.ietf.org/mailman/listinfo/yam
