On 3/16/2024 1:31 PM, Slavko via mailop wrote:
And the same RCF clearly suggests to leave other (even invalid)
signatures untouched.
Which text in RFC 6376 says that?
Perhaps you are thinking of Section 6.1 which includes:
INFORMATIVE NOTE: The rationale of this requirement is to permit
messages that have invalid signatures but also a valid signature
to work. For example, a mailing list exploder might opt to leave
the original submitter signature in place even though the exploder
knows that it is modifying the message in some way that will break
that signature, and the exploder inserts its own signature. In
this case, the message should succeed even in the presence of the
known-broken signature.
which notes it might be done, but certainly is not advice to do it.
(Also note the paragraph is informative rather than normative. Also
note the reference to mailing lists, as being discussed here.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
mast:@dcrocker@mastodon.social
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
