From: Rolf E. Sonneveld
Sent: Tuesday, August 24, 2010 3:31 PM
Cc: MH Michael Hammer (5304); ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Mailing lists and s/mime & dkim signatures - mua
Dave CROCKER wrote:
On 8/24/2010 11:59 AM, MH Michael Hammer (5304) wrote:
Then it would appear that we are substantially in violent agreement.
in spite of our best efforts.
may I suggest we stop here for a moment and get back to the original
question, which in essence was: should a 1st signer DKIM signature be
preserved 'coûte que coûte' when a message is handled by a MLM, or not.
To answer this question I'd like to quote the excellent summary of what
DKIM is about, posted earlier today by Wietse:
I am somewhat agnostic on the question of preserving DKIM signatures when a
message is handled through MLM. Intuitively I would like them preserved and I
believe that MLMs can preserve them if they are interested in doing so.
If I were running an MLM (I have done so in the past but do not currently do
so) I would certainly respect an ADSP=discardable assertion and ensure that I
handled messages accordingly (more than one way to skin a cat).
As John has pointed out on numerous occasions, it should not be demanded of
MLMs that they change their ways to accommodate anything new under the sun
(paraphrasing here) because they have been around for as long as they have and
done quite nicely thank you very much.
Darwin was right.
To the extent that ill-intentioned individuals find MLMs (and email accounts
posting through MLMs) interesting targets in the future, those MLMs that are
unfriendly to email authentication are likely to find themselves at greater
risk than those MLMs which are friendly to email authentication. There are
varying ways in which an MLM can deal with this issue. I for one wouldn't dream
of attempting to dictate to them what they must or must not do.
Receivers are not stupid and will respond to such evolving circumstances as
they may in the interests of their endusers as well as their own reputation. I
for one wouldn't dream of attempting to dictate to them what they must or must
In any event, I perceive MLMs as the tail that appears to be wagging the dog.
In the context of email authentication, there are so many much more interesting
mail streams from my perspective.
The DKIM signature
provides a simple piece of trace information ("I handled this mail")
that is cryptographically bound to some header and body content.
The receiver can use this trace information for any purpose that
she deems suitable.
I think most of us can agree with this summary of what DKIM really is,
without all the bells and whistles we often like to attribute to it.
Next we add a quote from Dave about what the MLM does:
An MLM creates the message. That the message might look a lot like
one sent /to/ it is nice, but it's also confusing. The original author
ultimately, responsible for what the MLM chooses to send
Again, most of us will agree with this, I assume. Now combining the two,
and _without focussing on any hypothetical action of a verifier or
recipient_, the conclusion must be that the MLM adds its own
DKIM-signature, leaving the original DKIM-signature(s) untouched. After
all, removing the original DKIM signature would mean removing a piece of
trace information provided by the originating domain. And once it's
gone, it's gone. Leaving the original DKIM signature untouched is in
line with chapter 4 of RFC4871 including par. 4.2 that states:
Signers SHOULD NOT remove any DKIM-Signature header fields from
messages they are signing, even if they know that the signatures
cannot be verified.
I haven't found any text in the erratum of 4871 / 5672 that obsoletes
this text. This means we can treat (regarding this particular aspect)
MLMs like any other re-signing agent, no exceptions are required.
Rolf, you have sidestepped the issue of digests or do you feel this holds true
for them as well?
And yes, this means my opinion changed, I no longer advocate the use of
multipart/alternative to preserve the 1st signer DKIM signature, instead
it is my opinion now that an MLM should leave it untouched (and not
remove it). I have come to this conclusion by looking at what DKIM is,
and carefully avoiding looking at what a verifier or recipient might
possibly do with the information it provides.
We should not change the
essentials of DKIM for sake of MLM transparency; the best we can do is
document the status quo of the combination of DKIM and MLMs, its
problems and (within the boundaries of the DKIM spec) any hints that can
solve or mitigate those problems.
I absolutely agree with your last statement.