On 6/12/2006 8:58 AM, Magnus Holmgren wrote:
On Monday 23 January 2006 15:50, Matt Kettler took the opportunity to write:
Glen Carreras wrote:
* 0.0 DK_SIGNED Domain Keys: message has an unverified signature
* -0.0 DK_VERIFIED Domain Keys: signature passes verification
From looking at the domainkeys plugin, that's normal, and the
description is a bit misleading.
DK_SIGNED means the message is signed. Period. The follow-on text is
trying to explain that DK_SIGNED has not verified the signature, it has
merely detected one is present, so the signature may or may not be valid.
DK_VERIFIED means the signature passed verification. Based on the code,
this will never happen unless the message also matches DK_SIGNED.
I suggest that the description for DK_SIGNED be changed slightly to "Domain
Keys: message has a (not yet verified) signature".
Already changed in 3.2:
describe DK_SIGNED Domain Keys: message has a signature
describe DK_VERIFIED Domain Keys: signature passes verification
describe DK_POLICY_SIGNSOME Domain Keys: policy says domain signs
some mails
describe DK_POLICY_SIGNALL Domain Keys: policy says domain signs
all mails
describe DK_POLICY_TESTING Domain Keys: policy says domain is
testing DK
Daryl
