It appears that Bron Gondwana <br...@fastmailteam.com> said: >-=-=-=-=-=- > >Honestly, with the capacity to undo header changes from >dkim2-modification-algebra I would be more inclined to have the spec list >headers which MUST >NOT be signed (probably just trace headers), and to list additional headers to >not sign, rather than additional headers to sign.
Speaking of trace headers, is the plan that each DKIM2 (or whatever we call it) signature signs the preceding headers? How about the Resent-xxx headers which aren't trace headers but might as well be? I think it would be workable to say that if a header you sign is a trace or resent header, the signature includes all the instances below the signature itself, and if a mail system reoders them, which it shouldn't, too bad, the signature breaks. R's, John _______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
