ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Re: Message Replay Abuse and Acceptance of a Signature

2006-01-22 11:56:01

Douglas Otis wrote:
The signature header is not removed,
just the 'b=base64' is obfuscated with a result indicating whether the
MDA verified the signature upon acceptance.

I hate to do this yet again, but the term obfuscation is taken,
and not for what you mean, which confuses me at least. Quoting
[1] for example:

obfuscation - technology to shroud the context and contents of code.
   Obfuscated applications function properly, yet confuse human
   observers and decompilers.

The MDA 'w=' parameter ensures this signature will not be
accepted by any other AdmD.

Ok, so you mean something like having an MDA sign in order to
attest that the message arrived with status <foo>. Our charter
has a stretch goal for that specifically not to be done without
a recharter:

   Once the primary goals are met, the DKIM working group may also study
   whether to adopt a work item for specifying a common mechanism to
   communicate the results of message verification to the message
   recipient. The generation of a standards-track specification on this
   topic will require an update to the DKIM working group charter.

So, I'd have to wonder how what you're proposing doesn't match
that paragraph, and is thus for later, and not for now.

Stephen.

[1] http://www.preemptive.com/documentation/glossary.html


_______________________________________________
ietf-dkim mailing list
http://dkim.org