On Tue, May 6, 2025 at 6:39 AM Alessandro Vesely <[email protected]> wrote:
> On Mon 05/May/2025 20:29:40 +0200 Wei Chuang wrote:
> > Security gateways may modify the message in complex ways that message algebra
> > cannot cover
>
> If changes cannot be described, how can DKIM2 be used?
>
> The old version (-01) of the motivation draft had a "complex" value for m=,
> described as "This hop has done something complex and there is no way to revert
> it". When I saw it disappearing in version -02 I thought it was gone for good.

Bron's diff based algebra does have significant support for tolerating security gateway changes. IMO the main problematic scenarios are:

* deleting attachments or other parts e.g. contains malware or for data loss protection
* modifications where the original content is confidential to at least some of the recipients e.g. when the gateway encrypts the message

My understanding of the "m=" "nomodify" is actually a policy description to say to forwarders to "never modify" the message and to receivers to verify that forwarders didn't in fact modify the message. You can see that once again in the header draft in section 1.4 <https://datatracker.ietf.org/doc/html/draft-gondwana-dkim2-header-00#name-registry-of-values-for-m>. I have some concerns around that concept. I'll post something around that soon.

-Wei
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
