On Tue, 01 Jun 2010 08:59:41 +0100, Murray S. Kucherawy <m...@cloudmark.com> wrote:
> Please, folks, change the Subject: field for the ADSP-specific part of > this discussion. OK, that old thread had gotten very ragged. Unfortunately, I got around to reading your draft only recently, so I seem to have missed your deadline :-( . My main comment is in relation to whether the old, failing, DKIM signature should be removed or not. You gave an example of where it was removed, but none where it was retained, and no real arguments pro or con either. So here is my case for why it should be retained. (I think we agree that if the list has not actually broken the original signature, then it is best left even if the MLM provides an additional one). Suppose the MLM changes the signature so as to break the Old signature, and provides an A-R header to say it was OK as received, and provides a New signature including the A-R. That much seems agreed as Good Practice. Now suppose he leaves the Old signature intact. Will subsequent agents be confused? Not if they follow the standards, because an unverifiable signature is SUPPOSED to be treated the same as an absent signature (which is the other possibility under consideration). So, on that basis, any compliant verification agent SHOULD act the same whether is sees a broken Old Sigbature on no Old signature at all. (i.e. it should discard in both cases, or else try to make sense of the New signature, plus any List-* headers that may be around. 1. So the only downside of leaving the Old signature should be where an over-eager verifier tries to be clever and to treat failed signatures differently from absent ones - and for sure there will be such non-compliant verifiers around whether we like it or not. 2. OTOH, the is an upside in leaving the Old signature, insofar as it may help diagnose what has been going wrong (or whatever). Moreover some smart verifier that really wanted to be helful to its list readers (most likely one attached to the recipients MUA) might even try to reverse engineer the changes made by the MLM, and recheck the signature (which, for a particular list recognized by the recipient or his MUA might actually be quite straightforward). So we have to balance the problems introduced by would-be-smart verifiers that were non-standard compliant against other would-be-smart verifiers that might be able to use it. It is not obvious to me which way that balance goes, except to observe that is is usually NOT a good idea to destroy information that might be useful to someone. Having said all that, I have a new proposal to solve this problem, which is that MLMs should actually change the From header. I think this has possibilities, but I have not had time to work out the details yet, so please Watch This Space! -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email: ...@clerew.man.ac.uk snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html