On 2/1/2024 7:31 PM, John R Levine wrote:
>>> Layering is a fine principle, but it's not how DKIM has ever worked
>>> in practice. Two weeks ago we had a long discussion about
>>> oversigning, so DKIM validators can catch messages with multiple
>>> From: or Subject: headers which have never been valid in any version
>>> of 822/2822/5322 but show up anyway.
>>
>> Please explain how you think DKIM violates layering.
>
> What I said in my previous message, people use oversigning to catch
> 5322 header violations.

Except that that isn't a layer violation, as I noted.
It is a behavior within DKIM that only affects DKIM.

>>> For the specific issue of bare CR or LF, I was reminded on another
>>> list that there is a trendy attack called SMTP smuggling which
>>> depends on mail software inconsistently accepting bare CR or LF, and
>>> mail providers are busy patching to fix it.
>>
>> That has nothing to do with DKIM, of course.
>
> Opinions differ.

The prohibition is not in DKIM. So the violation is not within DKIM.
And why should DKIM care?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
mast:@dcrocker@mastodon.social
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
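
The oversigning behaviour discussed in the thread, as an added example that is not part of the original message or of any DKIM implementation: it follows the header selection rule of RFC 6376 section 5.4.2 and shows that listing From: twice in h= makes a later-added From: field change what the verifier hashes. The function names and sample message are constructed for illustration, and a plain SHA-256 digest stands in for canonicalization and the real signature.

```python
import hashlib

def select_signed_headers(headers, h_tag):
    """Pick header fields for hashing as RFC 6376 section 5.4.2 describes:
    each name in h= consumes the bottom-most unused instance of that field;
    a name with no instance left contributes nothing (the null string)."""
    remaining = list(headers)            # (name, value) pairs, top to bottom
    picked = []
    for name in h_tag.split(":"):
        name = name.strip().lower()
        for i in range(len(remaining) - 1, -1, -1):
            if remaining[i][0].lower() == name:
                picked.append(remaining.pop(i))
                break
    return picked

def header_digest(headers, h_tag):
    """Stand-in for the signed header hash (assumption: no real
    canonicalization or key; only the selected fields are hashed)."""
    selected = select_signed_headers(headers, h_tag)
    data = b"".join(f"{n.lower()}:{v.strip()}\r\n".encode() for n, v in selected)
    return hashlib.sha256(data).hexdigest()

def survives_added_header(original, modified, h_tag):
    """True if the modified message still matches what the signer hashed."""
    return header_digest(original, h_tag) == header_digest(modified, h_tag)

# Constructed sample message (not taken from the thread).
ORIGINAL = [
    ("From", "Alice <alice@example.org>"),
    ("To", "bob@example.net"),
    ("Subject", "Quarterly report"),
]
# The same message after a second From: field was inserted at the top.
MODIFIED = [("From", "Someone Else <other@example.com>")] + ORIGINAL

if __name__ == "__main__":
    for h in ("from:to:subject", "from:from:to:subject:subject"):
        ok = survives_added_header(ORIGINAL, MODIFIED, h)
        print(f"h={h:30} still verifies after added From: {ok}")
```

With a single from in h= the verifier hashes only the bottom-most From: field, so the inserted one goes unnoticed; with the name listed twice, the second slot that was empty at signing time now picks up the inserted field and the digest no longer matches.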