----- Original Message -----
From: "Charles Lindsey" <chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk>
To: "DKIM" <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Friday, November 24, 2006 6:02 AM
Subject: Re: [ietf-dkim] ISSUE: Better definition of "DKIM signing
On Fri, 24 Nov 2006 00:07:06 -0000, Hector Santos
Charles Lindsey wrote:
Because news and email regularly get gatewayed into each other.
But this suggest that you have a DKIM-NNTP based protocol...
It suggests no such thing. Read what I wrote and respond to that, and not
to some strawman of your own invention.
Excuse me? You are the one that doesn't want t be left out in the
News/Email Gateway world. But what about the ral news protocol world -
called NNTP. You can't have it both ways. I don't about your Software
Designs but in our News/Email Software design, you need NNTP in order to
gate. This implies you will need NNTP considerations in the DKIM protocol
and DKIM isn't written NNTP. I seriously doubt you can consider a
NEWS/EMAIL system without considering all the NNTP issues as well.
You need to address the base system first which is 1 to 1 EMAIL concept
before we even have a chance to make it work in a 1 to MANY or MANY to
Unfortunately, the world is already way beyond 1 to 1 EMAIL.
You're kidding? Private mail is obsolete?
If you introduce DKIM without having previously considered the
consequences for all existing practices, then perfectly legitimate things
which have always worked will start to fail. And it is DKIM which will get
I don't think so simply because DKIM wasn't design for NEWS/EMAIL gateways.
I would never phantom to even consider it when the goal of a Mail Integrity
system is to avoid as much transformations that you can.
Right, so why are fussing around with this can of worms? If the user
with an exclusive domain is going outside a domain policy to post mail
in a newsgroup,
Hold on! Read what I said. I said nothing about posting mail in a
newsgroup. I spoke about posting news in a newsgroup, and DKIM is not
involved in that because, as you correctly said, DKIM does not apply to
But Charles, NEWS/EMAIL gateways goes both ways. Your design would have to
work in both directions. If you post via NEWS you are talking about
GATING to a EMAIL system. What are the rules here? Do you hash the NNTP
required headers? Do you strip them? And vice a versa? Same issues.
The problem does not arise until someone far away gates that news article
back into email, at which point its lack of a DKIM signature suddenly gets
noticed. So we need to think abut this and establish the correct
procedures to be followed (maybe some signature by the gatewayer, or maybe
some action by the mailing list admin that it was gatewayed to).
I am not sure I follow but this is exactly one of the protections I want - I
don't want someone using my domain in such areas
Nonetheless, even if this was a variable consideration it would be a
augmentation on the 1 to 1 DKIM system. Otherwise you need to break the
specs today to include NNTP considerations.
And maybe (USEFOR hat on here) gateways from news to email ought
> to be adding suitable Resent-* headers.
IMV, we should stop trying to mix EMAIL vs NEWS - two different things.
"We" (TINW) are not in a position to stop it. It already happens.
Gatewaying between newsgroups and mailing lists is an already established
feature of Usenet. You (TINY) have to live with that.
I do and we design develop and sell a NEWS/EMAIL gateway as well as other
multi-mail network gateways. Do you? So I would like to feel I have a
pretty good handle on whats realistic or not from all aspects from project
to product design and development and more important, making it work right
and friendly with other systems as well.
I think what you asking for is unrealistic and is getting us no where.
NOTE WELL: This list operates according to