ietf-dkim

Re: [ietf-dkim] DKIM vs. MIME

2010-04-26 18:15:34

An alternative would be to err on the other side: a "mellowed"
canonicalization, that respects only the fields and entities whose
meaning and encoding are well known and stable, so as to allow some
kind of forgeries rather than accidental breaking.
   

The main question here is: how often are DKIM signatures invalidated 
during transit, what is the exact cause (case- or similar 
modifications of header fields?) and how much do we gain by defining a 
new canonicalization algorithm? Do we have any real-world figures 
about this 'accidental breaking'?  How many DKIM signatures on average 
survive two MTA hops? How many three hops? Etc.? Is there a 
relationship? And if they get broken, is that due to changing case of 
header fields or due to other changes? And if the number of broken 
signatures caused by transit systems (apart from the mailing list 
issues, which bring their own problems) is non-negligible, is there 
anything that we can do to improve things?

Rolf,

With most mailing-lists, nearly all signatures will be damaged whenever 
the subject line is modified, or something has been appended to the 
message body.

Any strategy that attempts DKIM settings to permit such modification 
exposes recipients relying on DKIM to be taken in by simple exploits.  
Such exploits might be used to enable either convincing spamming or 
phishing schemes, which weakens the value DKIM otherwise would have 
afforded.

A safer strategy would be to permit DKIM domains a means to grant 
exceptions en masse for mailing lists known to be good at excluding 
spamming and phishing, with hopefully subject lines and mailfrom or 
reply-to lines being changed to make it clear the message was 
distributed by the mailing-list.  Efforts at making such distribution 
transparent only invite abuse.

-Doug
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
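
The breakage discussed in this thread, as an added example that is not part of the original message or of any DKIM implementation: RFC 6376 "relaxed" canonicalization applied to a constructed message, showing that case, folding and spacing changes in transit leave the signed input unchanged while a list's subject tag or appended footer does not. It compares canonical forms and body hashes rather than verifying an RSA signature; the sample message, CASES and survives() are assumptions made for illustration.

```python
import base64
import hashlib
import re

def relaxed_header(field: str) -> str:
    """RFC 6376 sec. 3.4.2 'relaxed' canonicalization of one header field."""
    name, _, value = field.partition(":")
    value = re.sub(r"\r\n(?=[ \t])", "", value)            # unfold continuation lines
    value = re.sub(r"[ \t]+", " ", value).strip(" \t\r\n")  # collapse and trim WSP
    return f"{name.strip().lower()}:{value}\r\n"

def relaxed_body_hash(body: str) -> str:
    """RFC 6376 sec. 3.4.4 'relaxed' body canonicalization, returned as a bh= value."""
    lines = [re.sub(r"[ \t]+", " ", ln).rstrip(" ") for ln in body.split("\r\n")]
    while lines and lines[-1] == "":                        # drop trailing empty lines
        lines.pop()
    canon = "".join(ln + "\r\n" for ln in lines)
    return base64.b64encode(hashlib.sha256(canon.encode()).digest()).decode()

# Constructed sample: what the author's domain signed.
SIGNED_SUBJECT = "Subject: DKIM vs. MIME\r\n"
SIGNED_BODY = "How many signatures survive two hops?\r\n"

def survives(subject: str, body: str) -> bool:
    """True if the received subject and body still match the signed input."""
    return (relaxed_header(subject) == relaxed_header(SIGNED_SUBJECT)
            and relaxed_body_hash(body) == relaxed_body_hash(SIGNED_BODY))

# Constructed transit changes: (received Subject field, received body).
CASES = {
    "MTA changes case, folding, spacing": (
        "SUBJECT:   DKIM vs.\r\n MIME\r\n",
        "How many  signatures survive two hops?  \r\n\r\n"),
    "list adds subject tag": ("Subject: [ietf-dkim] DKIM vs. MIME\r\n", SIGNED_BODY),
    "list appends footer": (SIGNED_SUBJECT, SIGNED_BODY + "____\r\nNOTE WELL\r\n"),
}

if __name__ == "__main__":
    for label, (subject, body) in CASES.items():
        print(f"{label}: {'intact' if survives(subject, body) else 'broken'}")
```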
