On Jan 19, 2004, at 4:41 PM, Markus Stumpf wrote:
On Mon, Jan 19, 2004 at 12:18:14PM -0500, Keith Moore wrote:
It also depends on what is included in the hash. I believe it will be
necessary to omit some information from the hash in order to get the
hash to survive most existing mail transports. I don't think this is a
problem as long as we don't treat the originator-id tag as a digital
signature.
IMHO it is a question of what one wants to accomplish with the
signature.
If it's end-to-end, aka MUA <> sMTA <> rMTA <> MUA signatures are nice
to have, but as I can trust my rMTA's Received: line about the sending
MTA it is not of much additional information.
it's a moot point. it's much easier to make e2e sigs work than to make
hop-by-hop sigs work.
I don't think it is an easy task to find information to add to the
hash.
offhand:
- subject field (perhaps truncated to XX bytes)
- message body
- source IP address and port
- precise date/time (not the Date header field)
- *maybe* some form of the envelope recipient list
Adding the body of the email to the hash is also playing va banque as
e.g. mailing lists add trailers to the message and break the hash.
interesting point that. but if the body is the last thing to be hashed
you may be able to recheck the hash at every line boundary. you might
also have the id field include the number of bytes from the body that
are hashed.
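
The last suggestion above (hash the body last, then either record the number of body bytes hashed in the id field or recheck at each line boundary), as an added example that is not part of the original message. SHA-256, the `count:hexdigest` tag layout, the 64-byte subject limit, the sample values and all function names are assumptions made for illustration.

```python
import hashlib

SUBJECT_MAX = 64  # assumed; the message leaves the limit as "XX bytes"

def _start(meta):
    """Hash the non-body inputs: (subject, source IP, source port, timestamp)."""
    subject, ip, port, stamp = meta
    h = hashlib.sha256()
    for field in (subject.encode()[:SUBJECT_MAX], ip.encode(),
                  str(port).encode(), stamp.encode()):
        # Length-prefix each field so adjacent fields cannot be confused.
        h.update(len(field).to_bytes(4, "big") + field)
    return h

def make_tag(meta, body):
    """Sender side: the body is hashed last; the tag records how many bytes."""
    h = _start(meta)
    h.update(body)
    return f"{len(body)}:{h.hexdigest()}"

def verify_with_count(tag, meta, body):
    """Receiver side: hash only the first `count` body bytes named in the tag."""
    count_text, _, digest = tag.partition(":")
    if not count_text.isdecimal() or int(count_text) > len(body):
        return False
    h = _start(meta)
    h.update(body[:int(count_text)])
    return h.hexdigest() == digest

def verify_at_line_boundaries(digest, meta, body):
    """No count in the tag: recheck after every line. Returns bytes covered or None."""
    h = _start(meta)
    covered = 0
    if h.hexdigest() == digest:
        return covered
    for line in body.splitlines(keepends=True):
        h.update(line)
        covered += len(line)
        if h.hexdigest() == digest:
            return covered
    return None

# Constructed sample: a list server appends a trailer after the original body.
META = ("test message", "192.0.2.10", 40123, "2004-01-19T21:41:07.123Z")
BODY = b"Hello\r\nworld\r\n"
TRAILER = b"-- \r\nlist footer\r\n"
TAG = make_tag(META, BODY)
print(verify_with_count(TAG, META, BODY + TRAILER))  # trailer does not break it
```

Bytes past the recorded count are not covered by the hash, so a match says nothing about where the trailer came from.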