On 08/03/2010 06:53 PM, Michael Thomas wrote:
On 08/03/2010 09:40 AM, Murray S. Kucherawy wrote:
-----Original Message-----
From: Michael Thomas [mailto:mike(_at_)mtcc(_dot_)com]
Sent: Tuesday, August 03, 2010 9:21 AM
To: Murray S. Kucherawy
Cc: Rolf E. Sonneveld; ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] MLMs and the use of multipart/alternative to
preserve original DKIM signature and at the same time add a new DKIM
signature
But didn't we also say that such reverified signatures don't get any
additional meaning with 'z=' reprocessing?
Sorry, I don't understand.
I guess I don't either. You're saying use of "l=" and "z=" got your
mail-through-lists signature verification statistics up to 95%.
However, RFC4871 says "Copied header field values are for diagnostic
use" which I interpret to mean (and I think discussion on the list
back then also agreed) that the information in a "z=" tag isn't
supposed to contribute to the canonicalization algorithms, but
instead can only be used for diagnostic purposes (i.e., "This
signature failed, and via the 'z=' we know why... but it still
failed.").
Yeah, well, sue me for flipping that MUST NOT the bird. It works, z=
is signed
by the originator, and it's probably as high a recovery rate that
you'll ever
get going through mailing lists. We weren't proposing that it be part
of any
standard, and our reasons had nothing to do with ADSP either. All I'm
saying is
that if you want mailing list signature recovery, we've already done
that and
wrung out about as much as can be hoped for.
As I asked earlier, what is the purpose of this anyway? We were doing
it to
deal with spear-phishing attacks. Maybe I've missed the motivation for
the
mime thingy.
The motivation was the MLM draft document, par. 3.4. I quote:
<quote>
Changes that merely add new header fields, such as those specified by
[LIST-ID], [LIST-URLS] and [MAIL] are generally the most friendly to
a DKIM-participating email infrastructure in that their addition by
an MLM will not affect any existing DKIM signatures unless those
fields were already present and covered by a signature’s hash or a
signature was created specifically to disallow their addition (see
the note about "h=" in Section 3.5 of [DKIM]). The shortest path to
success for DKIM would be to mandate that all MLM software be redesigned
or re-configured with that goal in mind.
However, the practice of applying headers and footers to message
bodies is common and not expected to fade regardless of what
documents this or any standards body might produce. This sort of
change will invalidate the signature on a message where the body hash
covers the entire entire message. Thus, the following sections also
investigate and recommend other processing alternatives.
</quote>
It was my intention to add one such 'processing alternative'. Now the
question is: does it cover the remaining 5% or not? And if so (if we
could get to 100%), is it worth the (huge) effort to rewrite DKIM?
/rolf
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html