On Fri, Aug 18, 2017 at 6:47 PM, Bron Gondwana <br...@fastmailteam.com>
wrote:

> On Sat, 19 Aug 2017, at 11:43, Murray S. Kucherawy wrote:
>
> On Thu, Aug 17, 2017 at 5:22 PM, Brandon Long <bl...@fiction.net> wrote:
>
> We went down the path of including a diff of the message in the headers,
> but you run up against more complicated changes that make that
> challenging.  I.e., mailing lists which strip attachments.  If all we cared
> about were subject munging and footers, there probably would have been a
> practical solution there.
>
>
> I wrote a draft a while ago that would allow a DKIM-Signature to include
> an annotation indicating that the signing ADMD did one or more of a
> specific set of small but well-defined message changes (e.g., add a footer,
> add a Subject tag).  Knowing what those are, a verifier could undo them and
> attempt validation of earlier signatures in the handling chain.  Presumably
> if no other modifications were made, the original content is thus
> discoverable, and you could then produce a chain of custody of the actual
> content before you that makes sense.
>
> If that's worthy of consideration now I could certainly revivify it.
>
>
> That seems really valuable to me.  Being able to track the provenance on
> individual parts of the message payload is a much stronger way to determine
> who is at fault when bad content is being injected than just knowing some
> bits of the message handling chain.
>

https://tools.ietf.org/html/draft-kucherawy-dkim-transform-00

The notion of tracking provenance is secondary to being able to recover and
evaluate the original content signed by the originating ADMD.  You could in
theory get that signature to pass again, which would satisfy DMARC.

The transformations it covers could easily be augmented to include Subject
tagging, or even non-MIME footer attachment using the "--" delimiter.

-MSK
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
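The undo-and-reverify idea discussed above, as an added example that is not part of the thread or of the draft: a verifier that knows a list added a Subject tag and a "-- " footer strips them and re-checks the originator's signature, and refuses when the message was changed in any other way (e.g. an attachment stripped). The annotation dict and the HMAC stand-in for the originator's DKIM key are assumptions for the demo, not the draft's syntax.

```python
import hashlib
import hmac

# Constructed key standing in for the originating ADMD's DKIM signing key.
# Real DKIM signs canonicalized headers/body with RSA or Ed25519; HMAC keeps
# the example short while preserving the "any change breaks it" property.
ORIGIN_KEY = b"constructed-origin-key"


def sign(subject: str, body: str) -> str:
    """Originator's signature over the Subject and body as first sent."""
    return hmac.new(ORIGIN_KEY, (subject + "\n" + body).encode(), hashlib.sha256).hexdigest()


def verify(subject: str, body: str, sig: str) -> bool:
    return hmac.compare_digest(sign(subject, body), sig)


def list_transform(subject: str, body: str, tag: str, footer: str):
    """What a typical mailing list does: prepend a Subject tag, append a '-- ' footer."""
    return tag + " " + subject, body + "\n-- \n" + footer


def undo_transforms(subject: str, body: str, annotation: dict):
    """Reverse the transforms the list annotated (hypothetical keys
    'subject-tag' and 'footer'). Returns None if the message does not
    actually carry what the annotation claims."""
    if "subject-tag" in annotation:
        prefix = annotation["subject-tag"] + " "
        if not subject.startswith(prefix):
            return None
        subject = subject[len(prefix):]
    if "footer" in annotation:
        suffix = "\n-- \n" + annotation["footer"]
        if not body.endswith(suffix):
            return None
        body = body[: -len(suffix)]
    return subject, body


def recover_and_verify(subject: str, body: str, sig: str, annotation: dict) -> bool:
    """Strip the annotated transforms, then retry the originator's signature.
    Any modification beyond the annotated ones leaves the signature broken."""
    restored = undo_transforms(subject, body, annotation)
    return restored is not None and verify(restored[0], restored[1], sig)
```
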