ietf-dkim
[Top] [All Lists]

Re: [Fwd: Re: [ietf-dkim] canonicalized null body and dkim]

2006-12-20 08:45:43
Stephen Farrell wrote:
If the two fixes differ in how they affect signature robustness then
that is a significant difference. Can you elaborate? (Sorry, I'm not
a mail person so I don't get all the nuances of what can happen to
the last few bytes of a message.)
Simply stated, as the draft is currently worded, the simple body canonicalization will be immune to additions *and* deletions of of CRLF's at the end of the body in all cases. The proposed change to the normative behavior, on the other hand, will not be immune to deletions. Deletions are something that happen in real life, and we have experienced then. Changing the normative sense of the draft at this
point will reduce the number of verified messages.

I will also add that finding this has been an extremely maddening adventure as
a developer. If we change it to what Mark and others are advocating, we are
condemning all future DKIM developers to find this problem themselves just
as I have and be faced with unpleasant alternatives of how to work around it, if they even find it in the first place. I don't wish my pain for this one on anybody.

      Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>