Re: [ietf-dkim] DKIM and EAI

On Friday, February 09, 2018 05:02:00 PM John R. Levine wrote: > > If I may once again change the topic for a moment ... > > > > https://datatracker.ietf.org/doc/draft-levine-appsarea-eaiauth/ > > I pushed out a new version that says something about SPF macros, > attempting to say that if

Re: [ietf-dkim] [dmarc-ietf] a slightly less kludge alternative to draft-kucherawy-dmarc-rcpts

On November 17, 2016 2:57:00 PM CST, "Murray S. Kucherawy" wrote: >On Thu, Nov 17, 2016 at 9:51 PM, Michael Storz >wrote: > >> >> Thanks, I see. That means the recipient is bound to the message and >an >> attacker cannot delete or change the new

Re: [ietf-dkim] [dmarc-ietf] a slightly less kludge alternative to draft-kucherawy-dmarc-rcpts

Note: Not cc'ing the DMARC list as this is a DKIM only draft. Given the discussions about twice ranging implications of a change like this (the end of email where RCPT TO changes in transit to start), the document needs far more discussion regarding the impact on the current email architecture

Re: [ietf-dkim] [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On November 15, 2016 10:53:19 AM CST, Martijn Grooten <mart...@lapsedordinary.net> wrote: >On Mon, Nov 14, 2016 at 07:42:16AM -0500, Scott Kitterman wrote: >> OK. Ultimately, "don't sign spam" has got to be the solution or >reputation is >> going to suffer,

Re: [ietf-dkim] [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On Monday, November 14, 2016 05:34:19 PM Murray S. Kucherawy wrote: > On Mon, Nov 14, 2016 at 4:37 PM, Scott Kitterman <ietf-d...@kitterman.com> > > wrote: > > >Doesn't that presuppose point-to-point handling? The proposal here > > >doesn't. > > > >

Re: [ietf-dkim] [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On November 14, 2016 12:50:01 AM EST, "Murray S. Kucherawy" <superu...@gmail.com> wrote: >On Mon, Nov 14, 2016 at 5:41 AM, Scott Kitterman ><ietf-d...@kitterman.com> >wrote: > >> Wouldn't a DMARC option to allow senders to specify only messages >that

Re: [ietf-dkim] [dmarc-ietf] draft-kucherawy-dmarc-rcpts

On November 13, 2016 1:50:05 AM EST, "Murray S. Kucherawy" wrote: >I've posted a draft that attempts to address an attack that's begun to >appear with DKIM. Interestingly, we called it out as a possible attack >in >RFC6376 and even RFC4871, but now it's apparently

Re: [ietf-dkim] DKIM Key Sizes

On Sunday, October 30, 2016 05:50:33 PM John R. Levine wrote: > > It's also probably worth ensuring that the major open source DKIM > > implementations support both signing and verifying with 4096-bit keys. > > Aside from OpenDKIM and dkimpy, are there any others that should be > > checked? > Perl

Re: [ietf-dkim] DKIM Key Size Constraints

On Tuesday, May 12, 2015 09:27:51 PM Murray S. Kucherawy wrote: On Tue, May 12, 2015 at 8:28 PM, Scott Kitterman ietf-d...@kitterman.com wrote: Is it appropriate to change the protocol document for this? Isn't it really more of a BCP? I think when key size got put in the protocol

Re: [ietf-dkim] DKIM Key Size Constraints

On May 12, 2015 7:28:25 AM EDT, Hector Santos hsan...@isdg.net wrote: -1 Please stop! No more DKIM code changes ok? The IETF just made it a STD. Maybe we should remove the STD status first, move it back to proposed standard or experimental if this and other changes are coming. If signers want

Re: [ietf-dkim] DKIM Key Size Constraints

On Tuesday, May 12, 2015 03:35:37 PM Murray S. Kucherawy wrote: On Tue, May 12, 2015 at 8:31 AM, Martijn Grooten martijn.groo...@virusbtn.com wrote: Why remove 512 support from the verification side? Does this mean the verifier will take valid 512 signature and make it invalid, no

Re: [ietf-dkim] DKIM Key Size Constraints

On Monday, May 11, 2015 07:23:58 PM John Levine wrote: I propose a short draft that updates 6376 to say MUST use at least 1024 bits and setting that as the minimum size verifiers must be able to validate. I'm volunteering to write it if people agree it's appropriate. That seems fine. This

[ietf-dkim] DKIM Key Size Constraints

RFC 6376 (which I think is the latest) includes: 3.3.3. Key Sizes Selecting appropriate key sizes is a trade-off between cost, performance, and risk. Since short RSA keys more easily succumb to off-line attacks, Signers MUST use RSA keys of at least 1024 bits for long-lived

Re: [ietf-dkim] Doublefrom language should be in ADSP, not core

On Saturday, July 09, 2011 07:19:17 PM Michael Deutschmann wrote: One additional thought on the whole double-From: argument -- if RFC language on the issue is justified at all, it really belongs in the ADSP RFC, not a core DKIM one. A double-From: doesn't even rise to the level of

Re: [ietf-dkim] Final update to 4871bis for working group review

On Thursday, July 07, 2011 01:59:17 AM Michael Deutschmann wrote: ... In real life, however, if you don't have the power to demand that a recipient mail admin block incoming double-From: messages, then you don't have the power to demand that they deploy DKIM at all. ... I think you are

Re: [ietf-dkim] Final update to 4871bis for working group review

On Thursday, July 07, 2011 12:22:20 PM Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Thursday, July 07, 2011 6:32 AM To: ietf-dkim@mipassoc.org Subject: Re: [ietf

Re: [ietf-dkim] Final update to 4871bis for working group review

to list duplicate headers in their h= values? -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Thursday, July 07, 2011 12:44 PM To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] Final update

Re: [ietf-dkim] Final update to 4871bis for working group review

On Thursday, July 07, 2011 12:47:52 PM Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Thursday, July 07, 2011 9:44 AM To: ietf-dkim@mipassoc.org Subject: Re: [ietf

Re: [ietf-dkim] MLMs and signatures again

On Thursday, May 26, 2011 03:21:19 PM Steve Atkins wrote: If the reputation of the MLM is poor enough that mail from it is not being delivered, trumping that with an authors reputation may get individual emails delivered - but not threads, so it doesn't really improve the value provided to the

Re: [ietf-dkim] MLMs and signatures again

On Thursday, May 26, 2011 07:15:25 PM MH Michael Hammer (5304) wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Thursday, May 26, 2011 7:07 PM To: ietf-dkim@mipassoc.org Subject: Re: [ietf

Re: [ietf-dkim] MLMs and signatures again

On Thursday, May 26, 2011 07:40:17 PM Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of MH Michael Hammer (5304) Sent: Thursday, May 26, 2011 4:15 PM To: Scott Kitterman; ietf-dkim@mipassoc.org

Re: [ietf-dkim] MLMs and signatures again

On Thursday, May 26, 2011 11:00:04 PM Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Thursday, May 26, 2011 5:36 PM To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim

Re: [ietf-dkim] 8bit downgrades

On Wednesday, May 25, 2011 02:04:45 PM Hector Santos wrote: ... When I remove the domains I know, the rest is pretty much spam. ... Isn't that pretty generally true, DKIM or no DKIM. Scott K ___ NOTE WELL: This list operates according to

Re: [ietf-dkim] 8bit downgrades

Ian Eiloart i...@sussex.ac.uk wrote: On 23 May 2011, at 15:19, Hector Santos wrote: Ian Eiloart wrote: On 20 May 2011, at 05:24, Hector Santos wrote: In this case, if this is enforced with a MUST, for a system that is not 8BITMIME ready but is adding DKIM signing support, to remain

Re: [ietf-dkim] 8bit downgrades

On Monday, May 23, 2011 12:35:02 PM John R. Levine wrote: In the real world signature reliability matters. If a domain signs mail as a rule then an absent or broken signature will be treated as suspicious. I hope you're wrong, since that violates an explicit SHOULD in RFC 4871, and in my

Re: [ietf-dkim] 8bit downgrades

On Friday, May 20, 2011 01:18:39 AM Murray S. Kucherawy wrote: -Original Message- From: John Levine [mailto:jo...@iecc.com] Sent: Thursday, May 19, 2011 7:20 PM To: ietf-dkim@mipassoc.org Cc: Murray S. Kucherawy Subject: Re: [ietf-dkim] 8bit downgrades I think Pete's

Re: [ietf-dkim] 8bit downgrades

On Thursday, May 19, 2011 02:16:47 PM Wietse Venema wrote: We could pretend that the future is 8-bit clean, and hope the problem will go away eventually. I have a vague recollection that this is the reason it's SHOULD vice MUST. Scott K ___ NOTE

Re: [ietf-dkim] Protocol layering / Software vs. Protocol

On Wednesday, May 04, 2011 01:01:57 PM Dave CROCKER wrote: In terms of working group process, one line of criticism demands re-opening (and, apparently, reversing) the work of the Update (RFC 5672). I haven't seen any working group consensus to do this nor any industry feedback indicating

Re: [ietf-dkim] Issue: Operations Note in 6.4 redundant and should be removed

On Friday, April 29, 2011 09:22:15 AM Hector Santos wrote: I think the rev8 version of section 6.5 is much better, but I have a change proposal with the background reasoning listed below it: ... I've had no time recently, so I've been attempting to avoid looking at last call messages since I

Re: [ietf-dkim] ADSP stats

On Wednesday, April 20, 2011 08:01:21 PM John R. Levine wrote: A much better test would be compile a list of DKIM signing domains, and do the ADSP query on them. That's what I did. The only ADSP I see this year is Paypal. That's a success story of a sort. We know that ADSP is only

Re: [ietf-dkim] Proposal: Removal of AUID (i= tag/value)

On Saturday, April 02, 2011 02:49:49 PM Michael Thomas wrote: Dave CROCKER wrote: The distinction that needs to be made is between formally-specified output vs. implementation-specific access to DKIM internals. i= was never intended to be DKIM internals. That's why the entire gambit to

Re: [ietf-dkim] FW: Getting resolution on the double header issue

On Wednesday, February 16, 2011 03:52:24 pm Murray S. Kucherawy wrote: This is the last text that I circulated on the bogus header matter, in reply to Barry's proposed path to resolution. The group was pretty exhausted from debate at that point so there was little response. -Original

Re: [ietf-dkim] DKIM Japan has been set up

John R. Levine jo...@iecc.com wrote: We really need a FAQ for this group. Simply publishing an ADSP record does not change this fact. ADSP can perhaps be used productively for specific signers and verifiers, but it does not work for all legitimate scenarios. What does work for all

Re: [ietf-dkim] DKIM Japan has been set up

On Monday, November 22, 2010 01:37:13 pm Dave CROCKER wrote: On 11/21/2010 6:43 PM, Tsuneki Ohnishi wrote: But there is a small problem. It is rather polical. We have a telecommunication law that allows ISPs to discard forged email, but our Ministry so far does not acknowledge that

Re: [ietf-dkim] Getting resolution on the double header issue

On Monday, November 08, 2010 04:20:19 am Barry Leiba wrote: As participant: Here's how I see the situation. It's purely as a participant, and has no chair weight. I think it does represent a compromise position that should work. Problem description: An attack has been described that

Re: [ietf-dkim] Commments and clarifications to 4871bis-02

On Friday, October 22, 2010 09:38:47 pm John Levine wrote: This is one of those places where I don't know how much we can change without the IESG deciding to recycle. I think we should decide what's best for the long term health of the protocol and then let the IESG worry about recycling or

Re: [ietf-dkim] double header reality check

Michael Thomas m...@mtcc.com wrote: On 10/20/2010 04:36 PM, Steve Atkins wrote: On Oct 20, 2010, at 3:19 PM, Murray S. Kucherawy wrote: Validating mail syntax belongs in the specification for the mail components and DKIM work belongs in the DKIM components. That's why, layer violation or

Re: [ietf-dkim] sophistry is bad, was Data integrity claims

On Monday, October 18, 2010 02:19:06 pm Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Saturday, October 16, 2010 11:56 AM To: ietf-dkim@mipassoc.org Subject: Re

Re: [ietf-dkim] sophistry is bad, was Data integrity claims

On Saturday, October 16, 2010 10:50:25 am Dave CROCKER wrote: On 10/16/2010 10:26 AM, John R. Levine wrote: Yes, it ties an identifier to a bag of bits, and yes it specifies what those bits are, but it really does deal only with those bits and not (necessarily) the entire message.

Re: [ietf-dkim] ISSUE: 4871bis-02 - Section 8.14 comments

On Friday, October 15, 2010 10:04:40 am MH Michael Hammer (5304) wrote: why don't we just deprecate l=? Yes. Please. Scott K ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] ISSUE: 3.6.2.1 - Working with other TXT records

On Friday, October 15, 2010 01:58:07 pm Barry Leiba wrote: On Fri, Oct 15, 2010 at 1:27 PM, Hector Santos hsan...@isdg.net wrote: Murray S. Kucherawy wrote: I appreciate the desire to put more information in there to help, but we really can't be writing a tutorial on managing DNS records.

Re: [ietf-dkim] Data integrity claims

On Friday, October 15, 2010 07:50:36 pm Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Douglas Otis Sent: Friday, October 15, 2010 2:30 PM To: ietf-dkim@mipassoc.org Subject: Re:

Re: [ietf-dkim] ISSUE: 3.6.2.1 - Working with other TXT records

Barry Leiba barryle...@computer.org wrote: On Thu, Oct 14, 2010 at 12:45 AM, SM s...@resistor.net wrote: At 17:31 13-10-10, Hector Santos wrote: My proposal to add more informative notes to help minimize this for the systems with the lack of DNS admin expertise on board. In particular for those

Re: [ietf-dkim] detecting header mutations after signing

On Wednesday, October 13, 2010 03:59:27 pm Jeff Macdonald wrote: On Wed, Oct 13, 2010 at 2:47 PM, Scott Kitterman ietf-d...@kitterman.com wrote: On Wednesday, October 13, 2010 02:27:29 pm Jeff Macdonald wrote: And even if there was a DKIM signature, it is the BAD GUY'S signature, which

Re: [ietf-dkim] ISSUE: 4871bis-02 - Section 8.14 comments

Dave CROCKER d...@dcrocker.net wrote: On 10/12/2010 11:21 AM, Murray S. Kucherawy wrote: -1; I like the wording that's there. Concur; -1 on the change. I furthermore submit that we are compelled to describe the known attack, as that's precisely what we are supposed to include in

Re: [ietf-dkim] detecting header mutations after signing

On Friday, October 08, 2010 12:33:38 pm Dave CROCKER wrote: On 10/8/2010 9:28 AM, Murray S. Kucherawy wrote: I'm still cringing at the layering violation of fixing in DKIM the fact that many RFC5322 implementations, MTAs, MSAs and MUAs alike, don't bother to enforce normative portions of

Re: [ietf-dkim] detecting header mutations after signing

On Friday, October 08, 2010 01:41:15 pm Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Friday, October 08, 2010 10:01 AM To: ietf-dkim@mipassoc.org Subject: Re: [ietf

Re: [ietf-dkim] THIS IS A MULTIPLE 5322.FROM MESSAGE

Dave CROCKER d...@dcrocker.net wrote: On 10/6/2010 8:00 AM, Steve Atkins wrote: It also changes what DKIM means, ... Either the message has a valid DKIM signature, or it does not. If the signature is valid, then the signing domain takes responsibility for the message, subtly malformed or

Re: [ietf-dkim] ISSUE: 4871bis - Security Loop hole with Multiple 5322.From

Dave CROCKER d...@dcrocker.net wrote: On 10/5/2010 8:15 AM, Ian Eiloart wrote: It has been observed by implementations that is it possible to replay a message with a 2nd 5322.From header at the top which wouldn't break the DKIM signature validity, but would often be displayed by MUAs to

Re: [ietf-dkim] ISSUE: 4871bis - Security Loop hole with Multiple 5322.From

Murray S. Kucherawy m...@cloudmark.com wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Scott Kitterman Sent: Tuesday, October 05, 2010 12:24 PM To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] ISSUE: 4871bis

Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs

John R. Levine jo...@iecc.com wrote: The law requires that there be an easy to use address for unsubscribing. The List-unsubscribe header: would do the job nicely, if the majority of people were using mail clients that expose it by default. I don't know of any mail client which does that.

Re: [ietf-dkim] draft-vesely-dkim-joint-sigs

On Thursday, September 23, 2010 03:16:53 pm John R. Levine wrote: Ian, this makes no sense to me. If a signing domain is concerned enough to choose to implement ADSP, why would they reduce what they are signing to accommodate a small percentage of their mail going to MLMs that they may or

Re: [ietf-dkim] RFC4871 5322.From Binding - Proposal to relax it.

On Thursday, September 16, 2010 03:23:15 am Hector Santos wrote: Scott Kitterman wrote: My Technical recommendation. 1) For 4871bis, we should consider relaxing the 5322.From binding requirement from a MUST to a SHOULD. This will help justify its new words of separating

Re: [ietf-dkim] RFC4871 5322.From Binding - Proposal to relax it.

Hector Santos hsan...@isdg.net wrote: Based on existing open source DKIM API code from a large MTA, they must of come across signatures that did not include the 5322.From signature binding requirement of RFC 4871 because it contains an option to not enforce 5322.From hash binding in the

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

On Tuesday, September 14, 2010 09:18:23 am John R. Levine wrote: As I keep saying over and over, discardable really means discardable: if in doubt, throw it away. It does NOT, repeat NOT, mean high value mail. It means low value mail. I think your view is to narrow. It means that the

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

On Friday, September 10, 2010 03:17:47 pm Steve Atkins wrote: On Sep 10, 2010, at 11:27 AM, Charles Lindsey wrote: On Fri, 03 Sep 2010 15:15:37 +0100, Hector Santos hsan...@isdg.net wrote: I think you need to better appreciate and understand how fundamental the Message From field for any

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

On Friday, September 10, 2010 05:53:57 pm J.D. Falk wrote: On Sep 10, 2010, at 12:34 PM, John R. Levine wrote: The problem is that too many people on this WG take the view I believe in solution-X (TPA, PGP-MIME, don't use ADSP because it's broke, don't use mailing list if you advertise

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

On Friday, September 10, 2010 06:37:46 pm Steve Atkins wrote: On Sep 10, 2010, at 2:31 PM, Scott Kitterman wrote: On Friday, September 10, 2010 03:17:47 pm Steve Atkins wrote: On Sep 10, 2010, at 11:27 AM, Charles Lindsey wrote: On Fri, 03 Sep 2010 15:15:37 +0100, Hector Santos hsan

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

Steve Atkins st...@wordtothewise.com wrote: On Sep 10, 2010, at 3:46 PM, Scott Kitterman wrote: On Friday, September 10, 2010 06:37:46 pm Steve Atkins wrote: On Sep 10, 2010, at 2:31 PM, Scott Kitterman wrote: I don't think it inoculates them against ADSP problems - rather it opens

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

John Levine jo...@iecc.com wrote: It's not clear to me that there's consensus that anything qualifies as Best Current. We have some small samples of a few things that some people have tried, but I don't sense we're there yet. I hope that lists signing their outbound mail qualifies. Large

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

On Wednesday, September 01, 2010 05:18:02 am John Levine wrote: ANNEX A - MUA Considerations Is a draft about mailing lists the right place to make recommendations to MUA developers? Seems like those should probably be in a separate document. No, but the entire document is riddled with

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

On Wednesday, September 01, 2010 08:23:19 am John Levine wrote: At this point, unless we can cut back the MLM document to stick to items that we have consensus about, e.g., that it is typical for signatures applied to incoming mail not to verify after a message passes through an MLM, and

Re: [ietf-dkim] Proposed changes to MLM draft

On Monday, August 30, 2010 02:03:45 pm Murray S. Kucherawy wrote: I'd like some help tackling the next version of the MLM draft. People seem to have varying ideas about what should be removed and perhaps appear in other documents now. I need some consensus on a direction in which to proceed.

Re: [ietf-dkim] Feedback on draft-ietf-dkim-mailinglists for discussion

Dave CROCKER d...@dcrocker.net wrote: On 8/2/2010 11:34 AM, Steve Atkins wrote: A -1 on ever altering the From: field for any reason other than special requirements of the people running a specific mailing list. A +1 in support of that -1. The view that modifying the From: is helpful has

Re: [ietf-dkim] Straw poll results

On Monday, August 09, 2010 04:11:57 pm John R. Levine wrote: Why do you simplify handling of list mail to sorting and filtering, ignoring two other important list handling activities: 1. reading mail 2. responding to mail Well, OK. Can you offer some non-hypothetical situations

Re: [ietf-dkim] Straw poll results

On Monday, August 09, 2010 05:38:18 pm Rolf E. Sonneveld wrote: Scott Kitterman wrote: On Monday, August 09, 2010 04:11:57 pm John R. Levine wrote: Why do you simplify handling of list mail to sorting and filtering, ignoring two other important list handling activities: 1. reading mail

Re: [ietf-dkim] Straw poll results

On Monday, August 09, 2010 05:22:35 pm Steve Atkins wrote: On Aug 9, 2010, at 1:26 PM, Scott Kitterman wrote: On Monday, August 09, 2010 04:11:57 pm John R. Levine wrote: Why do you simplify handling of list mail to sorting and filtering, ignoring two other important list handling

Re: [ietf-dkim] Straw poll results

On Monday, August 09, 2010 06:48:51 pm John Levine wrote: This assumes mail from MLMs is treated differently than other mail. While individual users may (and probably do) treat it differently, receivers of non- trivial scale don't and can't. Sigh. Anyone who uses gmail would know that your

Re: [ietf-dkim] Straw poll results

On Monday, August 09, 2010 06:52:04 pm Steve Atkins wrote: On Aug 9, 2010, at 3:13 PM, Scott Kitterman wrote: This assumes mail from MLMs is treated differently than other mail. While individual users may (and probably do) treat it differently, receivers of non- trivial scale don't

Re: [ietf-dkim] MLMs and the use of multipart/alternative to preserve original DKIM signature and at the same time add a new DKIM signature

On Tuesday, August 03, 2010 08:02:34 am Hector Santos wrote: It seems much easier for MLS (Mail List Servers) to preempt restrictive ADSP Domains from subscribing and from submitting mail to the list enabled with DKIM resigning. This would also give you the use case to deal with of

Re: [ietf-dkim] Feedback on draft-ietf-dkim-mailinglists for discussion

On Monday, August 02, 2010 02:13:39 pm Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- boun...@mipassoc.org] On Behalf Of Jeff Macdonald Sent: Monday, August 02, 2010 10:53 AM To: DKIM List Subject: Re: [ietf-dkim] Feedback

Re: [ietf-dkim] Feedback on draft-ietf-dkim-mailinglis ts for discussion

On Monday, August 02, 2010 02:39:05 pm Michael Thomas wrote: On 08/02/2010 11:21 AM, Scott Kitterman wrote: I think this is worth considering. In discussions with one of the developers of a major open source MLM, he mentioned to me that they've had feature requests over the years

Re: [ietf-dkim] Alternative MAiling List Approach

On Friday, July 30, 2010 11:48:22 am Steve Atkins wrote: On Jul 30, 2010, at 12:26 AM, Murray S. Kucherawy wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- boun...@mipassoc.org] On Behalf Of Steve Atkins Sent: Thursday, July 29, 2010 8:56 PM To:

Re: [ietf-dkim] Alternative MAiling List Approach

On Thursday, July 29, 2010 12:46:34 pm Alessandro Vesely wrote: On 29/Jul/10 13:21, Charles Lindsey wrote: The REAL cause of the problem is that From: line. My proposal is that MLM should change the From: header in such a way that the mail appears to have come from MLM.example and not from

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

John Levine jo...@iecc.com wrote: Similarly, with ADSP you don't have to rely on published information, and when information is published, you don't have to guess whether the publisher is competent. You can maintain your own list of domains that you trust to get ADSP right, and use standard

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

... 1. Do we want to reduce the DKIM broken signature rate or do we want to make ADSP less vulnerable to it. Or both, I guess. 2. If we want to reduce the DKIM broken signature rate, do we need to rework DKIM at all, or do we need to make operational recommendations to the generator and

Re: [ietf-dkim] more on discardable, was Lists BCP draft

Roland Turner roland.tur...@boxsentry.com wrote: On 26/05/2010 22:48, Steve Atkins wrote: However, domain B is not an innocent bystander, as they intentionally configured their mail system to reject mail it shouldn't, and the recipients at domain B support that decision, on some level.

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

Steve Atkins st...@wordtothewise.com wrote: On May 27, 2010, at 2:22 PM, Steve Atkins thinkoed: Legitimate email from paypal: 72% rejected by ADSP 28% not rejected Phishing emails using paypal in the From line: 39% rejected by ADSP 61% rejected. That should be

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

Brett McDowell brett.mcdow...@me.com wrote: ... As a newbie to this list, I have to say I agree. This has been a far less collegial debate than what I'm used to. That said, I may be guilty of reciprocating, and if anyone feels they have been on the receiving end of such, I apologize. ... I

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

Steve Atkins st...@wordtothewise.com wrote: On May 27, 2010, at 7:38 PM, Scott Kitterman wrote: Steve Atkins st...@wordtothewise.com wrote: That should be Legitimate email from paypal: 72% rejected by ADSP 28% not rejected Phishing emails using paypal in the From line

Re: [ietf-dkim] ADSP, was Lists BCP draft available

Brett McDowell brett.mcdow...@me.com wrote: On May 25, 2010, at 8:43 PM, Scott Kitterman wrote: Like I said, throw away anything that doesn't have our signature has some chance of broad adoption. Every extra word you add to the message makes it less likely that people will do it. I

Re: [ietf-dkim] ADSP, was Lists BCP draft available

John R. Levine jo...@iecc.com wrote: Colorful, but those were not my/our words or sentiment. Once again, our use case is: Maybe, I'm dim, but I don't see any practical difference between what you're saying and what I'm saying, other than perhaps that you have a far more optimistic idea of

Re: [ietf-dkim] besides mailing lists...

Dave CROCKER d...@dcrocker.net wrote: On 4/30/2010 9:37 AM, Jeff Macdonald wrote: ESPs have a forward-to-a-friend feature for their clients. Its a feature in which the ESPs creates the content and sends a message from a friend, to a friend. It would be discarded. However, I'm willing to

Re: [ietf-dkim] DKIM charter update proposal

On Sat, 24 Oct 2009 18:13:41 -0400 Barry Leiba barryleiba.mailing.li...@gmail.com wrote: As I see it, the reasons to go to DS would be Y1. to progress a fairly stable standard along a defined track, and Y2. to review it and perhaps clean it up a little along the way, and Y3. to get broader

Re: [ietf-dkim] DKIM charter update proposal

On Fri, 23 Oct 2009 16:54:52 -0700 Dave CROCKER d...@dcrocker.net wrote: Jim Fenton wrote: It's fairly easy to demonstrate interoperability of protocols, but usefulness is much more difficult. DKIM is an infrastructure protocol, designed to provide a basis for other mechanisms, such as

Re: [ietf-dkim] How about that DKIM charter update proposal

On Mon, 19 Oct 2009 09:58:55 -0700 Murray S. Kucherawy m...@cloudmark.com wrote: -Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- boun...@mipassoc.org] On Behalf Of John Levine Sent: Sunday, October 18, 2009 1:31 PM To: ietf-dkim@mipassoc.org Cc:

Re: [ietf-dkim] DKIM charter update proposal

On Sun, 18 Oct 2009 11:54:47 -0400 Barry Leiba barryleiba.mailing.li...@gmail.com wrote: Some have opined that it's even too early to consider taking the base DKIM protocol to Draft Standard; let's make sure we have consensus on that point, one way or the other. I'm going to re-iterate my point

Re: [ietf-dkim] Resigner Support of RFC 5617 (ADSP)

On Sun, 11 Oct 2009 15:26:52 -0700 (PDT) Michael Deutschmann mich...@talamasca.ocis.net wrote: On Sun, 11 Oct 2009, Michael Thomas wrote: On 10/11/2009 02:41 AM, Michael Deutschmann wrote: If this is indeed the official semantics of the protocol, then I would petition to add a

Re: [ietf-dkim] Resigner Support of RFC 5617 (ADSP)

On Mon, 12 Oct 2009 13:45:21 +1200 (FJT) Franck Martin fra...@genius.com wrote: - Scott Kitterman ietf-d...@kitterman.com wrote: Except that the ADSP RFC is already published and so it is what it is. It is definitely premature to crack ADSP open again (of course I thought that about

Re: [ietf-dkim] DKIM charter update proposal

If advancing DKIM/ADSP along the standards heirarchy is all that's on the table, I think it should wait. Effective rollout of DKIM in large hetrgenous organizations is complex and takes time. I think it's better to pause for a while and give broad operational experience more of a chance to

Re: [ietf-dkim] Escaping things in key/ADSP records

On Fri, 31 Jul 2009 10:19:43 -0400 Tony Hansen t...@att.com wrote: I'm wondering if there is a need for a web interface at dkim.org that would validate someone's _domainkey TXT record. I'd say yes. It would provide a good way to isolate record specific issues from other potential problems

Re: [ietf-dkim] DKIM adoption

On Sat, 1 Aug 2009 12:51:01 +1200 (FJT) Franck Martin fra...@genius.com wrote: Yes the reputation of the domain override things, but what happens when it is the first time a domain is seen? Does DKIM help or not? It can't. Also, I'm thinking in terms of points like for spammassin. Seeing some

Re: [ietf-dkim] list expanders (was Re: chained signatures, was l= summary)

On Tue, 30 Jun 2009 17:01:42 -0400 hector gmail.sant9...@winserver.com wrote: Like wise, SPF also has sender MTA rewriter technology and that includes a standard protocol as well - RFC 4405 (SUBMITTER SMTP Service Extension). I know it's OT, but in the interests of correctness, RFC 4405 is

Re: [ietf-dkim] Modified Introduction text for rfc4871-errata (resend)

On Tue, 16 Jun 2009 14:53:20 -0700 Murray S. Kucherawy m...@cloudmark.com wrote: ... The intent here, I believe, is to specify that d= is mandatory output of a DKIM verifier module. i= (and everything else, frankly) is optional. ... OK, so now I guess I'm confused. My understanding is that

Re: [ietf-dkim] RFC4871bis - whether to drop -- k: Key type

On Tue, 9 Jun 2009 22:03:10 -0400 Barry Leiba barryle...@computer.org wrote: Does anyone else remember anything vaguely similar to what I've said? Yes. That matches my recolloection. Scott K ___ NOTE WELL: This list operates according to

Re: [ietf-dkim] I-D Action:draft-ietf-dkim-rfc4871-errata-03.txt

On Sun, 5 Apr 2009 11:53:34 -0400 Barry Leiba barryle...@computer.org wrote: This updates RFC 4871, DomainKeys Identified Mail (DKIM) Signatures. Specifically the document clarifies the nature, roles and relationship of the two DKIM identifier tag values that are candidates for payload

Re: [ietf-dkim] Moving to consensus on draft-ietf-dkim-rfc4871-errata

On Fri, 20 Mar 2009 16:42:30 -0400 Barry Leiba barryle...@computer.org wrote: Mike says... Dave CROCKER wrote: Based on Pasi's comments, I had thought we were going the RFC route. Well, he has a preference for /only/ going that route, but he can't actually veto our issuing the Errata under

Re: [ietf-dkim] Acronyms

On Thu, 12 Mar 2009 19:51:04 +0100 Eliot Lear l...@cisco.com wrote: On 3/12/09 3:56 PM, Dave CROCKER wrote: Is anyone /against/ using AUID? In so far as we cannot avoid a new acronym, I am not against AUID. Eliot + 1 Scott K ___ NOTE WELL:

Re: [ietf-dkim] Moving to consensus on draft-ietf-dkim-rfc4871-errata

On Wed, 11 Mar 2009 08:54:35 -0700 Dave CROCKER d...@dcrocker.net wrote: Folks, Question to the working group... DKIM Chair wrote: To those who voted against draft-ietf-dkim-rfc4871-errata: given, now, that we will be using draft-ietf-dkim-rfc4871-errata to move forward, and the other

Re: [ietf-dkim] Do over? was Re: Moving on to ADSP

On Wed, 11 Mar 2009 15:55:05 -0700 Jim Fenton fen...@cisco.com wrote: Before I attempt to answer Dave's question, I have two questions for the Chairs: 1. Is discussion of ADSP on the list in order again? 2. It sounds like what's being proposed here is a do over of the WG and IETF Last Calls on

  1   2   3   4   >