[Ietf-dkim] Re: DKIM with body length

A. Schulze wrote in : |Am 23.05.24 um 20:13 schrieb John Levine: |> Do you remember what opendkim does? A quick look at the code wasn't \ |> too enlightening. | |OpenDKIM sign 'from' and this set of header without further configuration:

[Ietf-dkim] Re: DKIM with body length

Wei Chuang wrote in : Just to note again that this reiterates an attack from 2018. https://mailarchive.ietf.org/arch/msg/ietf-dkim/S3gLEswN9pz2Qd_cLZRWrsZ_oo4/bod It was for example discussed on the exim list in 2019 https://lists.exim.org/lurker/message/20190430.030725.d35d9752.da.html

[Ietf-dkim] Re: DKIM with body length

Jeremy Harris wrote in : |On 19/05/2024 17:26, Wei Chuang wrote: |> then rewrite the Content-type header mime |> delimitter | |Seems like including this header in the signed set would be |Best Practice? Indeed. I want to remark that this thread seems to reiterate an attack from 2018:

[Ietf-dkim] Re: [Dcrup] [standards] [Editorial Errata Reported] RFC8463 (7930)

Viktor Dukhovni wrote in : |> On 16 May 2024, at 10:02 AM, Hector Santos etf.org> wrote: |> I don’t wish to oversimplify here, but I wonder if the confusion \ |> is with the idea that in order to support RFC8463, a complaint implement\ |> ation would have to sign two DKIM signatures for

[Ietf-dkim] Re: [Dcrup] [standards] [Editorial Errata Reported] RFC8463 (7930)

I take John R Levine off, as he bounces my emails. I add ietf-dkim. Viktor Dukhovni wrote in : |On Mon, May 13, 2024 at 10:32:59PM +0200, Steffen Nurpmeso wrote: |> "It is ok", but i want to say again (there were some private |> emails and i have forgotten where i said what,

[Ietf-dkim] Fwd: Re: [pfx] Fwd: [S-announce] [ANN]ounce of s-dkim-sign v0.6.1

--- Forwarded from Steffen Nurpmeso --- ... Only to add that Matthieu Herrb, a (pretty widely known, decade long) developer of OpenBSD and the freedesktop space, posted on openbsd-ports@ While on the subject : https://16years.secvuln.info/ The old Debian OpenSSL bug from 2006 still haunts

[Ietf-dkim] Fwd: Re: [pfx] Fwd: [S-announce] [ANN]ounce of s-dkim-sign v0.6.1

For your possible interest. --- Forwarded from Steffen Nurpmeso --- ... |> v0.6.1, 2024-05-12: |> - Adds the algorithm big_ed-sha256 which effectively is RFC 8463 |> (aka ed25519-sha256), but performs three digest operations where |> only two are needed. |>

[Ietf-dkim] Re: RFC 8463: errata needed?

Scott Kitterman wrote in <761f8d9b-0fcf-4274-8b07-a53d29521...@kitterman.com>: |On May 8, 2024 11:25:11 PM UTC, Steffen Nurpmeso \ |wrote: ... |>Therefore i took RFC 8032 from Simon Josefsson[.] ... |>[.]and it occurred to me that my sofware generates |>correct signatur

[Ietf-dkim] RFC 8463: errata needed?

Hello. So i have had a problem with the little DKIM sign milter i had written in that users (receivers, actually) reported back that the ED25519 signature produces verification failures (i saw result headers of two, and got informed of a third). And some of the publically accessible DKIM test

Re: [Ietf-dkim] RFC 8463: DNS textual form underspecified

I mean ok, non-issue. Scott Kitterman wrote in <717c7103-311a-4c60-a3bf-72ea41cbc...@kitterman.com>: |On April 14, 2024 7:13:55 PM UTC, Steffen Nurpmeso \ |wrote: |>Scott Kitterman wrote in |> <2c92eb24-3332-436c-a0bb-d4bac3322...@kitterman.com>: |>|On April 14

Re: [Ietf-dkim] RFC 8463: DNS textual form underspecified

Scott Kitterman wrote in <2c92eb24-3332-436c-a0bb-d4bac3322...@kitterman.com>: |On April 14, 2024 1:53:07 AM UTC, Steffen Nurpmeso \ |wrote: |>Scott Kitterman wrote in |> <5368ac9a-51d5-4aec-ab19-613dbead7...@kitterman.com>: |>|On April 14, 2024 12:51:26 AM

Re: [Ietf-dkim] RFC 8463: DNS textual form underspecified

Scott Kitterman wrote in <5368ac9a-51d5-4aec-ab19-613dbead7...@kitterman.com>: |On April 14, 2024 12:51:26 AM UTC, Steffen Nurpmeso \ |wrote: |>Hello. |> |>Thanks to Hanno Böck (known from ossec and more) i was pointed to |>my falsely published ED25519 DKIM key. |>

Re: [Ietf-dkim] RFC 8463: DNS textual form underspecified

John Levine wrote in <20240414010739.d752f8861...@ary.qy>: |It appears that Steffen Nurpmeso said: |>|I realize that RFC 8463 says repeatedly that the base64-encoded |>|representation of an ED25519 key is 44 bytes, and that the |>|examples go for this. Still ther

Re: [Ietf-dkim] RFC 8463: DNS textual form underspecified

Steffen Nurpmeso wrote in <20240414005126.pzjJO4pr@steffen%sdaoden.eu>: |Thanks to Hanno Böck (known from ossec and more) i was pointed to |my falsely published ED25519 DKIM key. |Until now that simply was the complete ED25519 public key, just |like for RSA, instead of extracting the

[Ietf-dkim] RFC 8463: DNS textual form underspecified

Hello. Thanks to Hanno Böck (known from ossec and more) i was pointed to my falsely published ED25519 DKIM key. Until now that simply was the complete ED25519 public key, just like for RSA, instead of extracting the actual "bitstring data" from the standardized ASN.1 container, which starts at

Re: [Ietf-dkim] Testing a DKIM implementation

Matthäus Wander wrote in <25cebd13-10a2-4b56-887a-f5bcaf0e0d46@wander.science>: |David Harris wrote on 2024-03-22 13:25: |> I now have my implementation complete: I was wondering if there is a |> recommended way of testing it - for instance, a reference site that \ |> allows you |> to send

Re: [Ietf-dkim] Testing a DKIM implementation

David Harris wrote in <65fd789c.26406.50826...@david.harris.pmail.gen.nz>: |My thanks to Murray S. Kucherawy, who was most helpful in answering my |previous questions about specifics of RFC6376.. | |I now have my implementation complete: I was wondering if there is a |recommended way of

Re: [Ietf-dkim] [Technical Errata Reported] RFC6376 (7862)

RFC Errata System wrote in <20240321011002.630ee1...@rfcpa.amsl.com>: |The following errata report has been submitted for RFC6376, |"DomainKeys Identified Mail (DKIM) Signatures". ... |You may review the report below and at: |https://www.rfc-editor.org/errata/eid7862 ... It seems i cannot

Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Jeremy Harris wrote in : |On 06/03/2024 23:30, Steffen Nurpmeso wrote: |> Does this mean you do use Ed25519 and RSA since over four years in |> regular email? It*brakes things*!? | |Yes. And no, not that I've noticed. Thanks. Good to know. I give it a try. --steffen | |Der Krag

Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Jeremy Harris wrote in : |On 06/03/2024 22:41, Steffen Nurpmeso wrote: |> exam i do not know | |exim, possibly? Interesting; i see selectors [er]202001. Does this mean you do use Ed25519 and RSA since over four years in regular email? It *brakes things*!? --steffen | |Der Kragenb

Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Steffen Nurpmeso wrote in <20240306230526.tcmkMKA1@steffen%sdaoden.eu>: ... |Btw now that i look at that thanks to my configurable header |display in the console based MUA i use, you use Ed25519 first and |then RSA, forcefully breaking the incapable IETF DKIM checks and (Not true

Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Scott Kitterman wrote in <9ee553ec-aa5b-4dac-bf4d-9a0ffb289...@kitterman.com>: |On March 6, 2024 10:41:51 PM UTC, Steffen Nurpmeso \ |wrote: |>Scott Kitterman wrote in |> : |>|On March 6, 2024 9:56:50 PM UTC, Steffen Nurpmeso \ |>|wrote: ... |>|>So now that i h

Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Steffen Nurpmeso wrote in <20240306224151.r4D7UEwr@steffen%sdaoden.eu>: |Scott Kitterman wrote in | : ||On March 6, 2024 9:56:50 PM UTC, Steffen Nurpmeso \ ||wrote: ... ||>So now that i have DKIM myself i tested. ||>And *no* verification software i can reach actually supports

[Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

--- Forwarded from Steffen Nurpmeso --- Date: Wed, 06 Mar 2024 23:43:00 +0100 Author: Steffen Nurpmeso From: Steffen Nurpmeso ... Subject: Re: [..] Recommendation for dkim signing Message-ID: <20240306224300.AvxERJ7Z@steffen%sdaoden.eu> ... One. Last. Message. Of mine. And sorry f

Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Scott Kitterman wrote in : |On March 6, 2024 9:56:50 PM UTC, Steffen Nurpmeso \ |wrote: |>--- Forwarded from Steffen Nurpmeso --- |>Date: Wed, 06 Mar 2024 22:49:48 +0100 |>Author: Steffen Nurpmeso |>From: Steffen Nurpmeso |>... |>Subject: Re: [pfx] Recommendatio

[Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

--- Forwarded from Steffen Nurpmeso --- Date: Wed, 06 Mar 2024 22:49:48 +0100 Author: Steffen Nurpmeso From: Steffen Nurpmeso ... Subject: Re: [pfx] Recommendation for dkim signing Message-ID: <20240306214948.V5gSjSiU@steffen%sdaoden.eu> ... ... So now that i have DKIM myself i

Re: [Ietf-dkim] Question about lone CR / LF

Steffen Nurpmeso wrote in <20240306205414.sCe1DCRy@steffen%sdaoden.eu>: |Please allow me an addendum. It is too funny to get this non-delivery back: : host mx1.taugh.com[64.57.183.56] said: 554 5.6.0 Bare CR or LF not accepted. (in reply to end of DATA command) Have a nice e

Re: [Ietf-dkim] Question about lone CR / LF

Please allow me an addendum. John Levine wrote in <20240201180340.852b68205...@ary.qy>: |It appears that Murray S. Kucherawy said: |>-=-=-=-=-=- |>On Wed, Jan 31, 2024 at 5:44 PM Steffen Nurpmeso \ |>wrote: |> |>> But i cannot read this from RFC 6376. |> |&g

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Murray S. Kucherawy wrote in : |On Mon, Feb 5, 2024 at 1:39 PM Steffen Nurpmeso wrote: |> If a graphical user interface gives you a green "ok" button to |> click, or "red" otherwise, that is even better as in browser URL |> lines. Then pop up a tree-

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Dave Crocker wrote in : |On 2/5/2024 2:08 PM, Jim Fenton wrote: |> On 5 Feb 2024, at 14:02, Dave Crocker wrote: |>> On 2/5/2024 1:56 PM, Jim Fenton wrote: ... ..because that makes me sad over and over again.. | of 528 web users This is a

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Jim Fenton wrote in <3e7a38ef-4026-4943-8bc3-22516e3f1...@bluepopcorn.net>: |On 5 Feb 2024, at 14:02, Dave Crocker wrote: |> On 2/5/2024 1:56 PM, Jim Fenton wrote: |>> And you will also provide citations to refereed research about what \ |>> you just asserted as well, yes? |> |> Ahh, you

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Steffen Nurpmeso wrote in <20240205212412.Kq4PkTNC@steffen%sdaoden.eu>: |Dave Crocker wrote in | : ||On 2/5/2024 9:43 AM, Alessandro Vesely wrote: ||> It is debatable whether it is useful to display authentication ||> information to the end user.  Personally, I

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Dave Crocker wrote in : |On 2/5/2024 9:43 AM, Alessandro Vesely wrote: |> It is debatable whether it is useful to display authentication |> information to the end user.  Personally, I like to see it. | |At scale, there is no debate among UX professionals.  Its presence |varies between

Re: [Ietf-dkim] Question about lone CR / LF

John R Levine wrote in <7ef08541-e3cf-d356-cba9-85a92a5df...@taugh.com>: |> But on review, it seems like I've tiptoed over that line from |> time to time in support of robustness in some form or another. ... | |It occurs to me that Dave and I have different views of how software is |put

Re: [Ietf-dkim] Question about lone CR / LF

Dave Crocker wrote in <117c5879-7255-43cb-bfee-2ca9413be...@dcrocker.net>: |On 2/3/2024 11:29 AM, Dave Crocker wrote: |> DKIM is not a general message parsing engine | |btw, one might imagine a parsing engine that mixes a number of |functions, such as general message parsing AND DKIM

Re: [Ietf-dkim] Question about lone CR / LF

John Levine wrote in <20240201180340.852b68205...@ary.qy>: |It appears that Murray S. Kucherawy said: |>-=-=-=-=-=- |> |>On Wed, Jan 31, 2024 at 5:44 PM Steffen Nurpmeso \ |>wrote: |> |>> But i cannot read this from RFC 6376. |> |>Se

Re: [Ietf-dkim] Question about lone CR / LF

Murray S. Kucherawy wrote in : |On Wed, Jan 31, 2024 at 5:44 PM Steffen Nurpmeso \ |wrote: | |> But i cannot read this from RFC 6376. |> | |Sections 2.8 and 3.4.4 don't answer this? These were why i was coming here. It is one thing to write a 5322/I-M-F parser who documents RFC 523

[Ietf-dkim] Question about lone CR / LF

Hello. Is there any advise on a "lone CR" or "lone LF" on a line? Do these count as "whitespace characters"? Well they surely do not as whitespace is SP / HTAB. But what if i see SP CR CRLF or LF CRLF or LF au CRLF when i create a digest? For now i assume anything such except the very

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

John Levine wrote in <20240119192026.dedff8104...@ary.qy>: |It appears that Evan Burke said: |>> Insisting on using the same term for these two different cases has an |>> academic purity to it, but has already been demonstrated to be destructi\ |>> ve |>> in practical terms, because it

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Dave Crocker wrote in <54bcc79e-2cec-4c49-8a5c-0ef64db68...@dcrocker.net>: |On 1/19/2024 6:51 AM, Al Iverson wrote: ... |[.]the scenario of |sending to a collaborating receiver and re-posting a message that has no |differences except the envelope rcpt-to value, does not have a know

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Steffen Nurpmeso wrote in <20240120002211.9zE1qqLr@steffen%sdaoden.eu>: ... |[.]people which[.] So that is "people who", and then i wanted to apologise for naming Mr. Kucherawy "Kucheraway" in one of all those of my posts. Have a nice weekend i wish from Germany, -

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Emanuel Schorsch wrote in : |I don't have a strong horse in this race. But I'll just chime in that from |my perspective I was thinking of both of these as DKIM Replay. I have been |calling any case where the DKIM signature is not broken and the spammer |resends multiple copies as DKIM Replay.

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Steffen Nurpmeso wrote in <20240119235632.VOlkKoIX@steffen%sdaoden.eu>: |Dave Crocker wrote in | <54bcc79e-2cec-4c49-8a5c-0ef64db68...@dcrocker.net>: ||On 1/19/2024 6:51 AM, Al Iverson wrote: ... ||[.]does not have a know ||solution. | |There would be a RFC 6376 backwar

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Dave Crocker wrote in <82f48c8d-b89c-404f-87ac-4619628dd...@dcrocker.net>: |On 1/16/2024 3:57 PM, Evan Burke wrote: ... |> Without oversigning those headers, DKIM would pass, | |Yes, oversigning is useful.  And it has been useful for a very long Just to make that clear to myself, who is

Re: [Ietf-dkim] DKIM Signature

Laura Atkins wrote in <9a3fef5d-ce9c-4b69-8049-43c62dd3d...@wordtothewise.com>: |> On 31 Oct 2023, at 00:26, Steffen Nurpmeso wrote: |>|4. I don't understand how that is relevant to the current working group |>|topic of a problem statement |> |> (that is wha

Re: [Ietf-dkim] DKIM Signature

Alessandro Vesely wrote in : |On Mon 30/Oct/2023 20:44:20 +0100 Steffen Nurpmeso wrote: |> I still think ED25519 is not gracefully supported by all DKIM implementa\ |> tions |> because you cannot use a stream based approach, but must load the \ |> entire data |> "in

Re: [Ietf-dkim] DKIM Signature

Dave Crocker wrote in <2bdbcfe0-4126-45b5-93a3-51ec4f8cf...@gmail.com>: |On 10/30/2023 12:44 PM, Steffen Nurpmeso wrote: |> Dave Crocker wrote in |> : |>|On 10/29/2023 1:51 PM, Jan Dušátko wrote: |>|> In my opinion, the verifiability of the place and

Re: [Ietf-dkim] DKIM Signature

Dave Crocker wrote in : |On 10/29/2023 1:51 PM, Jan Dušátko wrote: |> In my opinion, the verifiability of the place and time of origin needs |> to be addressed, which is one of the reasons to use DKIM: | |While I think I understand the basis for thinking that DKIM is relevant |to that

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230814202928.ufult%stef...@sdaoden.eu>: ... |visibility is. (Mind you, OpenSSH is currently hardening itself |against [1], .. i persnally would simply start ticking and run for |some time after the last keypress, that needs no floating-point |arithmetic,

Re: [Ietf-dkim] Replay attack definition discussion

Presumably a last message of mine. Without any personal insult meant i wanted to complain on the the initial sentence Mailing-lists have long complicated email authentication. And this echoes IETF documents written a decade and longer ago (last week i looked on my local ones and i think as

Re: [Ietf-dkim] replay is a bogus concept

Jesse Thompson wrote in : |On Thu, Aug 17, 2023, at 12:02 PM, Steffen Nurpmeso wrote: |> More, usually (it happened in the past) they then point to their |> web site, where you then *do*, and isn't the certificate of that |> website, which itself is likely verified by some CA i

Re: [Ietf-dkim] replay is a bogus concept

Alessandro Vesely wrote in <652789f7-0a0a-f8db-11f9-2558bc9ec...@tana.it>: |On Thu 17/Aug/2023 04:45:48 +0200 Bron Gondwana wrote: |> On Tue, Aug 15, 2023, at 21:36, Alessandro Vesely wrote: |>> On Tue 15/Aug/2023 08:10:23 +0200 Bron Gondwana wrote: |>>> We've love to not sign spam at all,

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

arder"; \ |all of which an ESP could be providing as a service, depending on the \ |lens one looks at it. Sure, why not. |On Sat, Aug 12, 2023, at 2:31 PM, Steffen Nurpmeso wrote: |> The only remaining option spammers would have is stripping DKIM |> entirely, as you say. | |It's not

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Alessandro Vesely wrote in <1fcef96f-27ce-2cfa-30e6-e37237088...@tana.it>: |On Sat 12/Aug/2023 21:52:13 +0200 Steffen Nurpmeso wrote: |> Alessandro Vesely wrote in >: |>> On Fri 11/Aug/2023 23:49:20 +0200 Steffen Nurpmeso wrote: |>>> Alessandro Vesely wrote

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Hello Mr. Kucheraway. Murray S. Kucherawy wrote in : |On Sat, Aug 12, 2023 at 12:31 PM Steffen Nurpmeso |wrote: ... [Bringing back some quotes] ||stef...@sdaoden.eu || |Isn't this discussion about Bcc: off-topic and solely RFC 5322? || |I have never seen a MUA implementation which

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Alessandro Vesely wrote in : |On Fri 11/Aug/2023 23:49:20 +0200 Steffen Nurpmeso wrote: |> Alessandro Vesely wrote in <76cede70-0558-ed62-7420-97e2e899e...@tana.it\ |> >: |>>On Fri 11/Aug/2023 00:33:46 +0200 Steffen Nurpmeso wrote: |>>> Murray S. Ku

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Hello. Jesse Thompson wrote in <5859b14f-64d3-4ad1-a322-c2ed927e6...@app.fastmail.com>: |On Fri, Aug 11, 2023, at 4:34 PM, Steffen Nurpmeso wrote: |> Jesse Thompson wrote |> The aspect of DKIM-subsignatures revealing Bcc: presence (of 1+ |> recipients of a domain) if a Bcc: re

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230811213456.ha9td%stef...@sdaoden.eu>: ... |I would ask you to reconsider the problem with the "new" idea that |integrates with current implementations which do DKIM, like |milters (OpenDKIM) etc. It was that: ... |DKIM is meant to be auto

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Alessandro Vesely wrote in <76cede70-0558-ed62-7420-97e2e899e...@tana.it>: |On Fri 11/Aug/2023 00:33:46 +0200 Steffen Nurpmeso wrote: |> Murray S. Kucherawy wrote in dkgjtw...@mail.gmail.com>: |>> On Wed, Aug 9, 2023 at 3:14 PM Steffen Nurpmeso \ |>> wrote: |&g

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

t 9:07 AM Steffen Nurpmeso \ |> wrote: ... |Any inclusion of RCPT-TO in the headers or signature is a privacy concern \ |if the message is forwarded, but those tend to show up in Received \ |headers anyway. Seems like a wash, regardless of where you put it. ... The aspect of DKIM-subsignatures r

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230810224050.f3o3k%stef...@sdaoden.eu>: |Steffen Nurpmeso wrote in | <20230810150536.5k9uk%stef...@sdaoden.eu>: | |much too much was written it seems. So please, everybody, forgive me, but in between sleeping in the forest and a sundowner bicycle

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230810223346.-xlaq%stef...@sdaoden.eu>: ... |Murray S. Kucherawy wrote in | : ||On Wed, Aug 9, 2023 at 3:14 PM Steffen Nurpmeso \ ||wrote: ... ||> And when a mailing-list or so changes fields, it could create ||> a "DKIM-Backup: h1=b1, h2

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230810223710.pf8vt%stef...@sdaoden.eu>: ... |>From my perspective that was just a brain fart of mine. I want to point out that i myself use a proper MIME encoding. If the IETF mailing-list software reformats that and uses From_ quoting, like so many o

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Sorry for the late reply, first sunny day since a about a month, we had a very rainy and cold July in Germany. Murray S. Kucherawy wrote in : |On Wed, Aug 9, 2023 at 3:14 PM Steffen Nurpmeso wrote: |> And couldn't it become standardized that verification results then |> must be in

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Jeremy Harris wrote in : |On 09/08/2023 21:12, Murray S. Kucherawy wrote: |>> It seems to me that adding a per-recipient DKIM "sub-signature" |>> can be accomplished very cheaply, and "scales to |>> super-parallelism". |>> |> If by that you mean a distinct signing key per user, I don't

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230810150536.5k9uk%stef...@sdaoden.eu>: much too much was written it seems. ... |A nice property would be that all (possible forms of) needed |sub-signatures could be generated in parallel, a task that (most Except for the one which requires the &quo

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

once more i thought, because i am noone, so to say, Steffen Nurpmeso wrote in <20230809221343.1xkjj%stef...@sdaoden.eu>: |Steffen Nurpmeso wrote in | <20230809214100.nzjxy%stef...@sdaoden.eu>: ||Steffen Nurpmeso wrote in || <20230809211602.8mpmd%stef...@sdaoden.eu>: |

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230809214100.nzjxy%stef...@sdaoden.eu>: |Steffen Nurpmeso wrote in | <20230809211602.8mpmd%stef...@sdaoden.eu>: ||Steffen Nurpmeso wrote in || <20230809205628.ua41r%stef...@sdaoden.eu>: |||Murray S. Kucherawy wrote in ||| : On Wed, Aug

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230809211602.8mpmd%stef...@sdaoden.eu>: |Steffen Nurpmeso wrote in | <20230809205628.ua41r%stef...@sdaoden.eu>: ||Murray S. Kucherawy wrote in || : |||On Wed, Aug 9, 2023 at 9:07 AM Steffen Nurpmeso \ |||wrote: ... |I mean, of course DKIM coul

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230809205628.ua41r%stef...@sdaoden.eu>: |Murray S. Kucherawy wrote in | : ||On Wed, Aug 9, 2023 at 9:07 AM Steffen Nurpmeso \ ||wrote: ... |Ok. Assumed the normal per-message DKIM signature gets a new flag |that signals that an additional per-recipient-

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Steffen Nurpmeso wrote in <20230807170617.91_dg%stef...@sdaoden.eu>: |Jeremy Harris wrote in | <25aead67-8b9f-1db0-076d-12620a394...@wizmail.org>: ||On 07/08/2023 05:22, Jesse Thompson wrote: ... |ML-specific headers). That is, enable restoration and DKIM |checking of the o

Re: [Ietf-dkim] Call for adoption results: draft-ietf-dkim-replay-problem Adopted

Jeremy Harris wrote in <25aead67-8b9f-1db0-076d-12620a394...@wizmail.org>: |On 07/08/2023 05:22, Jesse Thompson wrote: |> For messages which are originally submitted as BCC and, depending \ |> on the circumstances, it's necessary for us to identify the recipient \ |> in the headers, what

Re: [Ietf-dkim] Call for adoption

David Mayne wrote in : |+1 on adoption of Wei's latest draft. Yes. --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)

Re: [Ietf-dkim] Comments on draft-chuang-dkim-replay-problem

Scott Kitterman wrote in <2920460.qdh4J8JMRY@localhost>: |On Sunday, April 2, 2023 4:56:16 PM EDT Wei Chuang wrote: |> A -03 draft is available at |> https://www.ietf.org/archive/id/draft-chuang-dkim-replay-problem-03.html. | |Thanks. While I haven't given it a thorough review, based on a

Re: [Ietf-dkim] Fwd: New Version Notification for draft-crocker-dkim-replay-00.txt

Steffen Nurpmeso wrote in <20230310002254.3yxyh%stef...@sdaoden.eu>: |Steffen Nurpmeso wrote in | <20230309221555.or-j9%stef...@sdaoden.eu>: ... ||one could add one entry for each, with the necessity to cover all ||of these in the signature. Then receivers could check

Re: [Ietf-dkim] Fwd: New Version Notification for draft-crocker-dkim-replay-00.txt

Steffen Nurpmeso wrote in <20230309221555.or-j9%stef...@sdaoden.eu>: ... |one could add one entry for each, with the necessity to cover all |of these in the signature. Then receivers could check all in turn |and pick one matching. ([Of course] The values of all those Of

Re: [Ietf-dkim] Fwd: New Version Notification for draft-crocker-dkim-replay-00.txt

Dave Crocker wrote in <6a11d9c6-21aa-872d-a0ce-53420769f...@dcrocker.net>: |Name: draft-crocker-dkim-replay "mighty" surely means "might". In 2.2 "Outbound filtering" -> "Outbound filtering:". Items in 4. have no final punctuation but the last. Vice versa in first list of 5. No final

Re: [Ietf-dkim] DKIM replay problem statement

Alessandro Vesely wrote in <07e44c08-49b2-1abe-f15d-cd4563fea...@tana.it>: ... |On Tue 07/Mar/2023 23:46:18 +0100 Jim Fenton wrote: |> To get things going, here are a few comments on |> draft-chuang-dkim-replay-problem-01: |> |> Section 1.1: |> |> [...] |> “Bcc header field”: There is