It appears that Wei Chuang <wei...@google.com> said: >To sign a message, the signer must find the maximum instance tag "i=n", >denoted as M. To add a new DKIM2-Signature, first verify that there isn't >any to be defined in the future indication that the message "left" DKIM2. ...
I have a few questions that might greatly simplify the process. Most (all?) non-trace headers are defined to occur only once, like From: and Subject: How about we say that if a signer or verifier sees more than one of them, stop and the result is failure, no oversigning needed. The only trace header I think it's likely we'll sign is the previous DKIM2 signatures which is easy enough, just sign them in order up through the current one. I suppose there's the Resent-blah: trace headers, but since we're signing the envelope recipient already, do we care? R's, John _______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
