On 23 May 2011, at 17:10, Hector Santos wrote:

> Ian Eiloart wrote:
>> On 23 May 2011, at 15:19, Hector Santos wrote:
>
>>>> But why skip? Usually the message won't be downgraded. And even if they
>>>> are, usually a broken signature will cause no harm.
>>> That's the problem - define "usually" and also define "no harm."
>
>> Well, harm will only be done when someone incorrectly punishes a broken
>> signature. They should not do that,
>
> Rhetorically, why not? Put another way, why should a receiver tolerate
> failure, or better, why should DKIM itself - the technology - tolerate
> failure? Sounds like DKIM has some inner soul turmoils - a devil on one
> shoulder and angel on the other.

Because there are known to be paths that break DKIM signatures. And because of this: http://www.apps.ietf.org/rfc/rfc4871.html#sec-6.3

>> so the damage is actually done by the recipient, not by the downgrading.
>
> Well, that's a difference in two reasonable mindsets - a receiver who views
> faults as part of the strength of securing a technology and a receiver who
> tolerates faults - accepts everything including ones that are direct and
> indirectly created and passes the buck to end-users. I like to believe there
> exists a commonality where false positive deterministic methods can be used to
> detect violations of an authentication and integrity technology.
>
> Rhetorically, it's all for nothing, why bother looking at how to fix C14H
> hashing, talk about content formatting downgrades when failure is tolerated
> and per specification, deliberately ignored?

Because success has value, if you have a good reputation as a signer.

--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html