ietf-dkim

Re: [ietf-dkim] chained signatures, was l= summary

2009-06-02 17:55:50

On Jun 2, 2009, at 5:05 AM, Wietse Venema wrote:

> Charles Lindsey:
>> On Mon, 01 Jun 2009 15:49:28 +0100, Barry Leiba
>> <barryleiba(_at_)computer(_dot_)org> wrote:
>>
>>> I think it's a terrible idea to (1) leave signatures in a message
>>> after you break them, (2) add A-R without removing any already there,
>>> or (3) add A-R without a signature covering it.
>>
>> And I, on the contrary, believe it is a terrible idea EVER to remove a
>> signature or an A-R header. There is never anything to be gained by
>> throwing away information that someone more perceptive than yourself
>> might find useful.
>
> Except, of course, when the bad guys use this to have their bogus
> signatures and their bogus A-R headers "laundered" by naive signers.

I agree with Wietse on the basic principle here.

If one is providing an email service where one is *processing* a  
message, then removing old signatures and resigning is the best thing.

For example, a mailing list server processes the message in that it
takes incoming messages and then resends them in some
similar-to-identical form. I believe it is ideal in this case to remove
the old signature and resign.

I, as the ultimate receiver, filter and process those messages based  
upon the mailing list, not based upon the original sender. I'm on a  
number of lists with many of you and I want them organized by mailing  
list, not sending person. DKIM should be similar.

However, if someone implemented a mailing list server that did its  
best to be invisible, I wouldn't say it was doing the wrong thing,  
either.

The bad case is where I have a message that is signed by both parties  
and one signature is broken. That puts the message into some weird  
state. It's less weird when the person's signature is broken and the  
list signature isn't. The broken signature now just creates confusion.  
The other case is even more confusing, but yet the message is still  
cryptographically intact.

That's why if I were the author of the list server, I'd strip and  
resign (or resend while preserving the signature).

        Jon




_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
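
Added example, not part of the original message or of any software discussed in the thread: the header hygiene a list server could apply when it strips and re-signs, covering the three points quoted above (no broken signatures left in place, no inherited A-R headers, and the list's own A-R covered by its new signature). `LIST_AUTHSERV_ID`, `sanitize_for_resign`, the result map and the sample message are hypothetical; DKIM verification and signing themselves are assumed to happen outside this function.

```python
# Added example: header hygiene for a list server that strips and re-signs.
# LIST_AUTHSERV_ID, sanitize_for_resign and SAMPLE are hypothetical names.
from email import message_from_string, policy

LIST_AUTHSERV_ID = "lists.example.org"  # assumption: the list's authserv-id
UNTRUSTED = ("DKIM-Signature", "Authentication-Results")
# Headers the list's new signature should cover. A-R is included so the
# list's verdict cannot be changed downstream without breaking the signature.
SIGN_HEADERS = ["from", "to", "subject", "date", "message-id",
                "list-id", "authentication-results"]

def sanitize_for_resign(raw, inbound_results):
    """Return (message, stripped_counts, headers_to_sign).

    inbound_results maps signing domain -> result ("pass", "fail", ...) as
    verified by the list itself before this call. Verifying and signing are
    out of scope here.
    """
    msg = message_from_string(raw, policy=policy.default)
    stripped = {}
    for name in UNTRUSTED:
        stripped[name] = len(msg.get_all(name, []))
        del msg[name]  # removes every occurrence, case-insensitively
    if inbound_results:
        verdicts = "; ".join(f"dkim={res} header.d={dom}"
                             for dom, res in sorted(inbound_results.items()))
    else:
        verdicts = "dkim=none"
    # Appended here by the email API; an MTA would prepend the header.
    msg["Authentication-Results"] = f"{LIST_AUTHSERV_ID}; {verdicts}"
    present = [h for h in SIGN_HEADERS if msg[h] is not None]
    return msg, stripped, present

# Constructed inbound message: an A-R header that falsely claims the list's
# own authserv-id, plus a signature the list has found to be broken.
SAMPLE = (
    "Authentication-Results: lists.example.org; dkim=pass header.d=bank.example\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=sender.example; s=sel;\n"
    " h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: alice@sender.example\n"
    "To: list@lists.example.org\n"
    "Subject: hello\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    m, counts, to_sign = sanitize_for_resign(SAMPLE, {"sender.example": "fail"})
    print(counts, to_sign, m["Authentication-Results"], sep="\n")
```

Without the stripping step, a signer that covers every header present would vouch for the inherited `dkim=pass` line, which is the "laundering" case raised in the quoted text.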