[Top] [All Lists]

Re: [ietf-dkim] ISSUE: Better definition of "DKIM signing complete"required

2006-11-24 05:12:13

----- Original Message ----- From: "Charles Lindsey" <chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk>
To: "DKIM" <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Friday, November 24, 2006 6:02 AM
Subject: Re: [ietf-dkim] ISSUE: Better definition of "DKIM signing complete"required

On Fri, 24 Nov 2006 00:07:06 -0000, Hector Santos 

Charles Lindsey wrote:

 Because news and email regularly get gatewayed into each other.

But this suggest that you have a DKIM-NNTP based protocol...

It suggests no such thing. Read what I wrote and respond to that, and not to some strawman of your own invention.

Excuse me? You are the one that doesn't want t be left out in the News/Email Gateway world. But what about the ral news protocol world - called NNTP. You can't have it both ways. I don't about your Software Designs but in our News/Email Software design, you need NNTP in order to gate. This implies you will need NNTP considerations in the DKIM protocol and DKIM isn't written NNTP. I seriously doubt you can consider a NEWS/EMAIL system without considering all the NNTP issues as well.

You need to address the base system first which is 1 to 1 EMAIL concept before we even have a chance to make it work in a 1 to MANY or MANY to MANY environment.

Unfortunately, the world is already way beyond 1 to 1 EMAIL.

You're kidding?  Private mail is obsolete?

If you introduce DKIM without having previously considered the consequences for all existing practices, then perfectly legitimate things which have always worked will start to fail. And it is DKIM which will get the blame

I don't think so simply because DKIM wasn't design for NEWS/EMAIL gateways. I would never phantom to even consider it when the goal of a Mail Integrity system is to avoid as much transformations that you can.

Right, so why are fussing around with this can of worms? If the user with an exclusive domain is going outside a domain policy to post mail in a newsgroup,

Hold on! Read what I said. I said nothing about posting mail in a newsgroup. I spoke about posting news in a newsgroup, and DKIM is not involved in that because, as you correctly said, DKIM does not apply to NNTP (yet).

But Charles, NEWS/EMAIL gateways goes both ways. Your design would have to work in both directions. If you post via NEWS you are talking about GATING to a EMAIL system. What are the rules here? Do you hash the NNTP required headers? Do you strip them? And vice a versa? Same issues.

The problem does not arise until someone far away gates that news article back into email, at which point its lack of a DKIM signature suddenly gets noticed. So we need to think abut this and establish the correct procedures to be followed (maybe some signature by the gatewayer, or maybe some action by the mailing list admin that it was gatewayed to).

I am not sure I follow but this is exactly one of the protections I want - I don't want someone using my domain in such areas

Nonetheless, even if this was a variable consideration it would be a augmentation on the 1 to 1 DKIM system. Otherwise you need to break the specs today to include NNTP considerations.

And maybe (USEFOR hat on here) gateways from news to email ought
 > to be adding suitable Resent-* headers.

IMV, we should stop trying to mix EMAIL vs NEWS - two different things.

"We" (TINW) are not in a position to stop it. It already happens. Gatewaying between newsgroups and mailing lists is an already established feature of Usenet. You (TINY) have to live with that.

I do and we design develop and sell a NEWS/EMAIL gateway as well as other multi-mail network gateways. Do you? So I would like to feel I have a pretty good handle on whats realistic or not from all aspects from project to product design and development and more important, making it work right and friendly with other systems as well.

I think what you asking for is unrealistic and is getting us no where.


NOTE WELL: This list operates according to

<Prev in Thread] Current Thread [Next in Thread>