On Mon, 2004-12-06 at 06:31 +0000, John Levine wrote:
I can't speak for Dave, but nothing I've seen so far changes my
conclusion that attempts to make signatures survive mailing lists and
other mutations are fundamentally a bad idea. They add vast amounts
of complexity for at most an occasional and transitory, and more
likely an illusory benefit.
Having a signature scheme with false negatives (rejections) is a
fundamentally bad idea. You can't ask people to deploy something that
throws away any noticeable proportion of valid mail. And you can't
retroactively change the definition of 'valid' or 'forgery' as some
people would have us try to do, either. It's 20 years too late for that.
There are two ways we can try to validate the RFC2822 address(es):
First, we can validate _all_ of them, including the From: header.
Secondly, we can validate only the 'most recent' one, which may be
different to the address in the From: header.
The former requires that we survive mailing lists, if we're to refrain
from rejecting valid mail. The latter _doesn't_ have such a requirement,
but it does mean you have to smell the coffee and stop perpetuating the
myth that we're doing RFC2822 identities because we think that they're
If you're only going to validate the most recent RFC2822 identity, you
might as well be validating the RFC2821 sender; they're usually going to
be the same anyway, and it's a _lot_ easier to use RFC2821 sender than
to try to work out the 'most recent' RFC2822 identity in the presence of
both Resent-From: and Sender: headers. Doing the 'most recent' RFC2822
identity is, in my opinion, and entirely pointless exercise in shameless
If we're going to attempt to sign all RFC2822 identities, then we _must_
make sure it survives. We can't push a broken scheme which breaks on all
common mailing lists.
I don't know all of the ways that list software might mutate a
message, and neither does anyone else. We still don't have anything
close to a concrete proposal to take an IIM signature and a message
and tell us whether the message is close enough to the signature that
we can conclude that the differences are only due to a trip through a
mailing list. And I don't think we ever will, either.
We don't need to know all possible ways. We know that by far the most
common is the addition of a few lines of text, and IIM can already cope
with that. That's enough for us, I think. The remaining breakage should
be very uncommon.