Dave Crocker writes:
> The experiments I've seen with DK have shown that even rather
> simple-looking fuzzy matches can let through heavily mutated messages,
> while some common mutations like virus scanner tag lines can be really
> hard to deal with. I don't see any reason to think that IIM would be
> any different in those regards.
Huh? Both DK and IIM have a nofws canonicialization.
MTA's modify messages too. Sendmail, for example. Try
feeding it a line of 2049 'a's and see what happens.
And sendmail is hardly in outlier in this regard.
One of the hallmarks of serious discussion is working to
integrate the views of the other "side". This means doing
more than blithely rejecting their points or ignoring them.
You are managing to ignore the distinction between syntactic and
semantic modifications. It's been explained repeatedly.
I don't know what "syntax" means in terms of a message body;
you've never explained that. And how that differs in kind
with with a length attached to what has been signed is
rather mysterious to me.
You are also working pretty hard at ignoring lists with
more than one item. Concerns about header-copying are an
I don't know what this means.
I disagree. When I view a message from John Levine
on ietf-mailsig(_at_)imc(_dot_)org, I think the responsible
party is John Levine, not 1000 monkeys diverted
from their day job of pounding out Shakespeare.
You are ignoring the nature and degree of modification
that can be done -- and IS done -- by a re-posting entity,
like your or me or a mailing-list.
And all of this can and is done by other kinds of
intermediaries -- virus scanners, corpro-policy-thingies,
etc. Your distinction strikes me as so many angels on a
pinhead. Call them "rogue" if you like, but they exist and
will cause signatures to fail.
The entity that is "responsible" for a message from a
mailing list is the administrator of the list.
Define "responsible". Is it "responsible" for the content?
Can I sue it for defamation? These things that you are
presenting as self-evident and axiomatic are not.
This is true of *any* intermediate in the path. Really.
And, as has been pointed out repeatedly, there is a
difference between having the power to make changes, by
virtue of being any handler of a message in transit, versus
making changes as part of the nature of the service, as in
the case of mailing lists.
And this has been *repeatedly* disputed. Didn't you just get
done complaining about integrating the views of the other