Hello. I have finalized
https://www.ietf.org/archive/id/draft-nurpmeso-dkim-hash-adaptivity-02.txt and https://www.ietf.org/archive/id/draft-nurpmeso-dkim-algo-adaed25519-02.txt which adapt "data-hash" so that the extensive digesting done by (some, all) modern algorithms can be taken advantage of. (Also: so that the actual complications incurred by using the old DKIM approach with the way those algorithms have to be driven via crypto interfaces vanish.) I have iterated https://www.ietf.org/archive/id/draft-nurpmeso-dkim-access-control-diff-changes-02.txt and worked all comments myself. We now include MAIL FROM in the subsignature, so as to shatter backs-scatter. (hihihi.) It surely has some sharp corners left, for all those who want instructions that cover all possibly thinkable conditions, *for sure*, in order to when to reject etc; some are also inherited by RFC 6376, though, for example: o "local-part" (implementation warning: this permits quoted strings) I simply reiterated that. (I *always* hated it, you know. I mean, there is the SMTP spec, there is the MIME spec, and why only cannot simply those definitions etc be used, then we have key=value pairs, without FWS, and the content is very clear, say with i= any @ would then require a quoted string, you know, and *then* i could simply use a standardized well-tested parser, and properly *requote* the mess that happens in reality, aka perform proper normalization, without driving this IETF standard header (DKIM) like this, the other (ARC) like so, not to mention ..., just anyone adds its own syntax soup. What deterrence.) Whatever, this is the day the music died. I think the picture of that DKIM v1 extension is pretty much complete beside that. I claim it covers all the problems as a good solution. Counter- evidences very much welcome. Other than that it is pretty much all i had to say, SMTPS, and a much improved, solely and exclusively usable DKIM, that by itself can do better than all the other standards combined, possibly aside SPF, but which you can only use with TILDE-all aka ~all in reality, at least in my world: and what is it worth, then? Better keep your private crypto key save, as you (need to) do for S/MIME and OpenPGP, so also for DKIM. And that is that. Have a nice Sunday night, all of you west of me. Thank you, and Ciao from Germany, --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) | |In Fall and Winter, feel "The Dropbear Bard"s pint(er). | |The banded bear |without a care, |Banged on himself for e'er and e'er | |Farewell, dear collar bear _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
