ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Mailing lists and s/mime & dkim signatures - mua considerations

2010-08-22 11:25:17
from [John R. Levine] [Permanent Link] 
At a conceptual level how the MUA shows validity information is important
going by John's descriptions. In the quick illistration here S/MIME sometimes
works and sometimes doesn't. Enhancing the MUA display with DKIM validity
information could be an important differenciator for an end user.
Based on the copies of the messages that come back here, the signatures are fine (other than the one I didn't sign in the first place) and the failure to show the signature is due to bugs in user MUA's S/MIME code. S/MIME has been around for a decade, and I've been a little surprised to find that the support in MUAs is so buggy once you get beyond the simplest cases. Why would you expect DKIM support to be any better? If this is important, wouldn't it be a lot quicker to file S/MIME bug reports (or for open source, bug fixes) with the MUA maintainers? 


The DKIM standard has gone a long way to ensure interoperatibility and the
ability to survive canonicalisation changes, header field additions and is
careful about which header fields are recommended for signing purely based on
survivability. Taking an approach saying we don't care if DKIM survives MLMs
is a step in the opposite direction. This is not a proposal I support.
I'm sorry, this gets the history wrong. We had a lot of arguments about this when we were doing 4871, and I believe you will find that we added l= over substantial opposition under the theory that it would compensate for a significant fraction of MLM modifications. I think we now have found that was overoptimistic. The right thing to do is to deprecate l=, not make more mistakes. 


S/MIME already does that, with a suitable pointer.

Not always. If S/MIME had a wider adoption perhaps DKIM wouldn't be needed.
Either way S/MIME hasn't got a wide adoption yet ...
Um, every popular MUA for Windows, Mac, Linux, FreeBSD, and so forth, supports S/MIME, including Kmail. I'm still trying to figure out why people who think it's important for list subscribers to verify the identity of contributors aren't using it. It took me about 15 minutes to get Usertrust to generate keys (no charge for individuals) and install them into my three MUAs. 

R's,
John

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Mailing lists and s/mime & dkim signatures - mua considerations, Hector Santos
Next by Date:  Re: [ietf-dkim] Mailing lists and s/mime & dkim signatures - mua considerations, Michael Thomas
Previous by Thread:  Re: [ietf-dkim] Mailing lists and s/mime & dkim signatures - mua considerations, Hector Santos
Next by Thread:  Re: [ietf-dkim] Mailing lists and s/mime & dkim signatures - mua considerations, Michael Thomas
Indexes:  [Date] [Thread] [Top] [All Lists]