I don’t think it’s a silly question. In fact I recently approached the Mailman
people to explore this question from their perspective.
It may be interesting or even somewhat useful to set up a new header
canonicalization that tolerates this kind of thing for lists, but the real
problem is
Knowing that many mailing lists add [topic] at the beginning of the Subject
line, what if DKIM was set to ignore that part when signing/verifying?
Apart from what's been said:
We did discuss this, long ago. Suppose a spammer used that to replay
signed list messages, changing this:
Subject:
On 3/31/2011 9:08 AM, Murray S. Kucherawy wrote:
I don’t think it’s a silly question. In fact I recently approached the
Mailman
people to explore this question from their perspective.
It may be interesting or even somewhat useful to set up a new header
canonicalization that tolerates
On 31 Mar 2011, at 03:16, Franck Martin wrote:
Silly question (?):
Knowing that many mailing lists add [topic] at the beginning of the Subject
line, what if DKIM was set to ignore that part when signing/verifying?
That's an implementation issue for verifiers, isn't it? If an rfc were to
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Ian Eiloart
Sent: Thursday, March 31, 2011 3:45 AM
To: Franck Martin
Cc: ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] If DKIM would ignore [] at the beginning of
the
On Thu, Mar 31, 2011 at 6:58 AM, Murray S. Kucherawy m...@cloudmark.com wrote:
That's also something we considered when talking to the Mailman people. But
again, this is really a small percentage of what causes author signatures on
list mail to break.
Anyway, the list should be signing
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Al Iverson
Sent: Thursday, March 31, 2011 11:52 AM
To: ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] If DKIM would ignore [] at the beginning of
the subject line
On
FWIW, here's how I got DKIM signatures on messages resent by the lists I host
with MailMan two years ago, without needing to wait for MailMan to update
anything at all:
Yup. In most cases, it's really not hard to either tell the MTA to add a
signature on the way out, or use a signing shim
J.D. Falk wrote:
On Mar 31, 2011, at 8:51 AM, Al Iverson wrote:
I think the MLM document makes all of this stuff pretty clear already.
It does to me; it seems like dropping the original signature and
signing with the list manager site signature is the appropriate way to
go.
Yup. The
Silly question (?):
Knowing that many mailing lists add [topic] at the beginning of the Subject
line, what if DKIM was set to ignore that part when signing/verifying?
Would it help to solve the problem of broken signature thru mailing lists?
I realize the issue would be to also detect the
Silly question (?):
I was going to write a long rant, but I'll just say, you're right, it was
a silly question.
R's,
John
PS: If you believe that you have a problem that would be solved if you
could check slightly more of the submitters' signatures on list mail,
there's nothing stopping you
On 31Mar11, Franck Martin allegedly wrote:
Silly question (?):
Knowing that many mailing lists add [topic] at the beginning of the Subject
line, what if DKIM was set to ignore that part when signing/verifying?
Would it help to solve the problem of broken signature thru mailing lists?
Instead, what if we invented a canonicalization specifically for lists
that recognized the content munging of lists as first-class behavior
that encompassed things like l= and [] and other typical list munging?
How about if we just encouraged people who run lists to sign their mail?
This
13 matches
Mail list logo
