Wilfred Gasper writes:
> Thank you for this description. So there's nothing I can do against it
> like using another version of Python?
Well, another version of Python won't do. You need another version of
the Internet. According to RFC 2822,
Subject: a few words
Subject:
a few words
Subject:
a few words
have identical semantics. So if you sign RFC 2822 headers, you need
to canonicalize them before signing, and again before verifying,
because any relay might change them.
See the domain keys standard www.dkim.org for a protocol that has to
solve a similar problem.
Mailman intends to deal with domain keys in some future version (but
implementation is not scheduled yet, don't hold your breath ... unless
you want to do it yourself), so the necessary code for
canonicalization will eventually be available in Mailman (presumably
inherited from the standard email module in Python). But you still
face breakage from all relays between signer and verifier.
HTH
------------------------------------------------------
Mailman-Users mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
