dkim-ops
[Top] [All Lists]

Re: [dkim-ops] Test Results for various reflectors

2006-06-08 16:32:14
On Thu, 8 Jun 2006, SM wrote:

Hi Dan,
At 14:34 08-06-2006, Dan Mahoney, System Admin wrote:
>Okay. My results for every reflector listed on testing.dkim.org >(with every possible signing mode) are here (and they're DISMAL):

Thanks for the notes on the autoresponders.

Your DKIM signature fails verification.

By the way -- can you tell WHY? I was signing using ietf-base-01, but am about to switch over to the allman one shortly, it's had SLIGHTLY more success than the others. (This message should be signed with it.) Which method are you using to verify?


>In any case, no detail is mentioned about how these differ, unless I >feel like reading the drafts (and no links are provided, even so it >would be a TEDIOUS read).

You can find the drafts of the implementation in the dk/dkim milter tarballs. The latest version of dkim-milter uses ietf-base-01 by default.

These are the files included with that:

draft-allman-dkim-ssp-01.txt
draft-ietf-dkim-base-01.txt
draft-ietf-dkim-threats-02.txt

Which one of them is supposed to represent allman-base-00? I've looked (and looked) and I can't find an easy COMPARISON about what one spec has and the other does not, how they are similar, how one spec can be interepreted to be backwards compatible with another...or even which spec is newer, and whather it supersedes any other and is considered more or less acceptable. (As much as a "draft" standard can be).

The milter library claims that "The underlying library will adapt itself to deal with signatures from any version of the specification as much as possible" however I would have to assume this is with the assumption that the library itself KNOWS about all the specs that exist -- obviously some libraries which are in use now can pre-date some specs, which since they all use the same header could cause failure.

>* Can anyone post contact addresses for issues with these >reflectors? Ideally we need more info, such as: what testing method >they're using, contact address, what standards they support.

You can post dkim-milter questions to the dkim-milter mailing list. I'm copying this email to you as the one you receive from this list will fail verification.

That wasn't a milter question, but some of the above ARE, and I'll be mentioning that on those mailing lists shortly. DKIM seems like a cool idea, but most of the documentation seems to be SERIOUSLY lacking.

-Dan

--

"What's with the server farm down in the basement?"

-Spider, Three Skulls Commons at Selden House, 4/15/00

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops