Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-30 Thread Murray S. Kucherawy
-Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- boun...@mipassoc.org] On Behalf Of Alessandro Vesely Sent: Thursday, April 29, 2010 10:55 PM To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-30 Thread Alessandro Vesely
On 30/Apr/10 08:50, Murray S. Kucherawy wrote: boun...@mipassoc.org] On Behalf Of Alessandro Vesely Sent: Thursday, April 29, 2010 10:55 PM Yet, it would seem that by, say, hashing just invariants of binary representations of the first entity, e.g. discarding its white space and

Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-30 Thread John Levine
In article 4bda70b5.4090...@tana.it you write: On 29/Apr/10 01:12, SM wrote: The diversity of the email environment is such that you cannot come up with a mellowed canonicalization to cope with every possible change. Yet, it would seem that by, say, hashing just invariants of binary

Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-29 Thread Alessandro Vesely
On 29/Apr/10 01:12, SM wrote: The diversity of the email environment is such that you cannot come up with a mellowed canonicalization to cope with every possible change. Yet, it would seem that by, say, hashing just invariants of binary representations of the first entity, e.g. discarding its

Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-28 Thread SM
At 11:27 27-04-10, Alessandro Vesely wrote: At any rate, all what I'm trying to say is that a few certified fields, e.g. From:, To:, and Date:, are more useful than a broken signature, in most cases. Yes, they are. RFC 4871 describes what is being covered by the DKIM Signature. For the sake of

Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-28 Thread Alessandro Vesely
On 28/Apr/10 12:58, SM wrote: At 11:27 27-04-10, Alessandro Vesely wrote: At any rate, all what I'm trying to say is that a few certified fields, e.g. From:, To:, and Date:, are more useful than a broken signature, in most cases. Yes, they are. RFC 4871 describes what is being covered by the

Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-28 Thread SM
At 09:58 28-04-10, Alessandro Vesely wrote: Do you have specific examples? Could a mellowed canonicalization cope with them? There is a MTA that was doing changes to the message headers after a message has been signed. The implementation made allowances for changes after signing such as the

[ietf-dkim] Broken signatures, was Why mailing lists should strip them

2010-04-27 Thread Alessandro Vesely
On 26/Apr/10 15:59, John Levine wrote: I'm willing to accept a signature with l= so long as it covers the entire message. I agree that partial coverage is not practically distinguished from no coverage. I note you refer to /current/ --rather than possible or commendable-- practice Sorry, I