Re: [ietf-dkim] Concerns about DKIM and mailiing lists
2006-03-15 09:06:08
And, in
fact, many subscribers insist on that modification, even though they
could filter on headers such as List-ID instead.
They could filter on it, but only when it is present and when the subscriber
knows it is present.
Unfortunately, adoption of the List-* standard is pretty erratic and I suspect
that most users don't know about these header fields at all, unless their mail
client has features that use them. Most don't.
Even for clients that implement the List-* construct, creating user filters that
are based on the List-ID field requires quite a bit of sophistication.
One note here: the base spec COULD suggest that if the signature fails
to verify and the subject is signed and begins with "[", that the
verifier might retry after removing the "[xxx]" part. And then, much as
with that part of the message that comes after the signed length, the
verifier must decide what to do if the retry succeeds.
Not only would that be building a heuristic into the validation portion of an
otherwise precise security specification, it would be basing the heuristic on an
undocumented convention that is far from universal, rather than on a a formal
standard.
But in the worst case, the list has simply invalidated the signature,
and we say that this SHOULD be considered equivalent to no signature at
all. Absent SSP, this is no bad thing.
I am inclined to agree. However the [] behavior is rather common. So we
probably should consider whether it is reasonable to have DKIM contain features
that are intended to allow a signature survive mailing list transit, when we
know that the final result will usually fail.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-dkim] Re: Concerns about DKIM and mailiing lists, etc., (continued)
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc., Dave Crocker
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc., John Levine
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc., Michael Thomas
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc., Douglas Otis
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc., John Levine
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Mark Delany
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Hector Santos
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Barry Leiba
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists,
Dave Crocker <=
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Michael Thomas
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Dave Crocker
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Michael Thomas
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Dave Crocker
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Michael Thomas
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Dave Crocker
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Eliot Lear
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, John Levine
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Barry Leiba
- Re: [ietf-dkim] Concerns about DKIM and mailiing lists, Hector Santos
|
|
|