Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread Hector Santos
Murray S. Kucherawy wrote: > You could use an extension tag to capture the original > Content-Transfer-Encoding > as a hint to the canonical form that was signed, but that means the verifier > has to undo the conversion before computing the hashes, and it has to do that > bytewise precisely as

[ietf-dkim] No signatures, bad signatures, cousin domains

2011-05-25 Thread Murray S. Kucherawy
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] > On Behalf Of Scott Kitterman > Sent: Monday, May 23, 2011 10:12 AM > To: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] 8bit downgrades > > > Do you have numbers to show that broken si

Re: [ietf-dkim] DKIM Scouts, was 8bit downgrades

2011-05-25 Thread Ian Eiloart
On 25 May 2011, at 02:13, John R. Levine wrote: >> Interestingly enough, outlook tells me this message has been tampered >> with, but not sure why... > > Probably doesn't have the Comodo validation certificate. Maybe, but my Mac does, and it complains. As does a Thunderbird client and an Outlo

Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread Alessandro Vesely
On 25/May/11 10:03, Hector Santos wrote: > How would 7/8 bit be considered? > > Personally, the STRIP C14N idea would work just fine by removing all > trailing WSP (CR, LF, SP) and for QP text, decode it first. I'm > considering updating my 2006 I-D to include the QP decoding logic. I propose

Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread Hector Santos
Alessandro Vesely wrote: > On 25/May/11 10:03, Hector Santos wrote: >> How would 7/8 bit be considered? >> >> Personally, the STRIP C14N idea would work just fine by removing all >> trailing WSP (CR, LF, SP) and for QP text, decode it first. I'm >> considering updating my 2006 I-D to include th

Re: [ietf-dkim] No signatures, bad signatures, cousin domains

2011-05-25 Thread Michael Thomas
On 05/25/2011 01:05 AM, Murray S. Kucherawy wrote: > Interesting. I ran some queries on our data for ebay.com, paypal.com, > chase.com and bankofamerica.com. In all cases, messages with failed > signatures were never tagged by Spamassassin, and at most 7% (usually less) > of unsigned mail wher

Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread Alessandro Vesely
On 25/May/11 14:27, Hector Santos wrote: > Alessandro Vesely wrote: >> On 25/May/11 10:03, Hector Santos wrote: >>> How would 7/8 bit be considered? >>> >>> Personally, the STRIP C14N idea would work just fine by removing all >>> trailing WSP (CR, LF, SP) and for QP text, decode it first. I'm >>

Re: [ietf-dkim] No signatures, bad signatures, cousin domains

2011-05-25 Thread Murray S. Kucherawy
> -Original Message- > From: Michael Thomas [mailto:m...@mtcc.com] > Sent: Wednesday, May 25, 2011 7:03 AM > To: Murray S. Kucherawy > Cc: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] No signatures, bad signatures, cousin domains > > Heuristic based systems like SA are subject to the

Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread Hector Santos
Alessandro Vesely wrote: >>> 3) For text parts, completely remove /any/ whitespace. Additionally, >>> remove most punctuation, especially from begin and end of lines. >> >> Do we really need this? Do you know of cases related to this? > > The idea is to anticipate any unknown signature breaker.

Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread John Levine
>The idea is to anticipate any unknown signature breaker. I'm pretty sure that's specifically out of scope. And I promise that whatever you do, short of wrapping the whole message in opaque armor, I can come up with something that will break it. Regards, John Levine, jo...@iecc.com, Primary Perp

Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread MH Michael Hammer (5304)
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of John Levine > Sent: Wednesday, May 25, 2011 12:59 PM > To: ietf-dkim@mipassoc.org > Cc: ves...@tana.it > Subject: Re: [ietf-dkim] New canonicalizations > > >The idea is to

Re: [ietf-dkim] 8bit downgrades

2011-05-25 Thread Hector Santos
Alessandro, with the undotting leading dot fix, I went back and added code to adjust for this by undotting it in the C14N code and what a major difference compared to the failed rate listed before: Failure rates for level encoding type (OLD) +--

Re: [ietf-dkim] 8bit downgrades

2011-05-25 Thread Scott Kitterman
On Wednesday, May 25, 2011 02:04:45 PM Hector Santos wrote: ... > When I remove the domains I know, the rest is pretty much spam. ... Isn't that pretty generally true, DKIM or no DKIM. Scott K

Re: [ietf-dkim] New canonicalizations

2011-05-25 Thread Dave CROCKER
On 5/25/2011 9:59 AM, John Levine wrote: >> The idea is to anticipate any unknown signature breaker. > > I'm pretty sure that's specifically out of scope. > > And I promise that whatever you do, short of wrapping the whole > message in opaque armor, I can come up with something that will > break

Re: [ietf-dkim] 8bit downgrades

2011-05-25 Thread Hector Santos
Scott Kitterman wrote: > On Wednesday, May 25, 2011 02:04:45 PM Hector Santos wrote: > ... >> When I remove the domains I know, the rest is pretty much spam. > ... > > Isn't that pretty generally true, DKIM or no DKIM. Sure, in general I would agree with that and most of it are single shot dea

Re: [ietf-dkim] DKIM Scouts, was 8bit downgrades

2011-05-25 Thread John R. Levine
>> It tells me signing and encryption certificates are valid and even their root certificates are valid... > Well, something's wrong with it. I checked the signature in Alpine, Thunderbird, and Evolution, and they all agree it's fine. I went back and looked in more detail. The problem appears to

Re: [ietf-dkim] DKIM Scouts, was 8bit downgrades

2011-05-25 Thread Hector Santos
John R. Levine wrote: >>> It tells me signing and encryption certificates are valid and even their >>> root certificates are valid... >> >> Well, something's wrong with it. I checked the signature in Alpine, >> Thunderbird, and Evolution, and they all agree it's fine. > > I went back and looked i