-----Original Message-----
From: John R. Levine [mailto:johnl(_at_)iecc(_dot_)com]
Sent: Monday, October 25, 2010 8:07 AM
To: Murray S. Kucherawy
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Statistics about DKIM and MIME

The one that stands out is "multipart/signed" (from RFC1847) which drops
to about a 65% survival rate. I don't know much about how this is
typically formatted or treated en route, but it was easily the biggest
outlier in the report. Not sure if that should be a surprise to us or not.

I'm surprised. That suggests something often adds the S/MIME signature
after the DKIM signature, but as far as I know, S/MIME signatures are
usually applied by the MUA.

Do the stats say what kind of failure it was, e.g. body hash or header
hash?

Actually it's worse than I said originally. We track pass/fail in two bits,
one being whether or not the crypto lined up and the other being whether or not
the body hashes matched. Thus, it's possible to get a "pass" coupled with a
body hash change. I had only selected for the first bit.

So here are the stats again. The first column is obviously the media type; the
second is the count of signatures covering a message with that type as the
outermost MIME part; the third column is the number of those that passed in
both the crypto and the body hash sense, and the fourth is the pass percentage.

application/ms-tnef                    26      23    88.5%
application/pdf                        16      16     100%
message/disposition-notification       10      10     100%
message/rfc822                          2       2     100%
multipart/alternative              290865  265270    91.2%
multipart/mixed                     38509   35370    91.8%
multipart/related                    7959    7149    89.8%
multipart/report                      958     883    92.2%
multipart/signed                      314      86    27.4%
text                                   13      13     100%
text/calendar                          34      32    94.1%
text/html                           63144   55880    88.5%
text/plain                          72195   55415    76.8%

In the particular case of multipart/signed there were 106 messages where the
RSA verification failed, but 122 where it passed but the body hash at the
verifier didn't match the one in the signature. So more failures occur from
body changes than do from header changes.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
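
The second of the two bits described in the message above, the body hash comparison, can be checked without any key material. As an added example (not code from the thread or from the software that produced these statistics), this sketch recomputes the `bh=` value using RFC 6376 body canonicalization on a constructed multipart/signed body. The function names, the sample body and the changes applied to it are assumptions, and the RSA bit is left out.

```python
import base64
import hashlib
import re

def canon_body(body: bytes, mode: str) -> bytes:
    """RFC 6376 body canonicalization, 'simple' or 'relaxed'."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":
        # Collapse runs of space/tab, then drop whitespace at end of line.
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":      # ignore empty lines at end of body
        lines.pop()
    if not lines:                          # empty body: CRLF (simple), nothing (relaxed)
        return b"\r\n" if mode == "simple" else b""
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body: bytes, mode: str, algo: str = "sha256", length=None) -> str:
    data = canon_body(body, mode)
    if length is not None:                 # optional l= tag: hash only a prefix
        data = data[:length]
    return base64.b64encode(hashlib.new(algo, data).digest()).decode()

def parse_tags(sig_value: str) -> dict:
    """Split a DKIM-Signature header value into its tag=value pairs."""
    pairs = (p.split("=", 1) for p in sig_value.split(";") if "=" in p)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def body_bit(sig_value: str, received_body: bytes) -> bool:
    """The 'body hash' bit: does the received body still match bh=?"""
    t = parse_tags(sig_value)
    canon = t.get("c", "simple/simple").split("/")
    mode = canon[1] if len(canon) > 1 else "simple"
    algo = t.get("a", "rsa-sha256").split("-")[1]
    length = int(t["l"]) if "l" in t else None
    return body_hash(received_body, mode, algo, length) == t["bh"]

def survives(signed: bytes, received: bytes) -> dict:
    """Body bit under each body canonicalization, signer hashing `signed`."""
    return {m: body_bit(f"v=1; a=rsa-sha256; c=relaxed/{m}; bh={body_hash(signed, m)}",
                        received) for m in ("simple", "relaxed")}

# Constructed multipart/signed body (not taken from the measured traffic).
BODY = (b"--b1\r\nContent-Type: text/plain\r\n\r\nhello  world \r\n"
        b"--b1\r\nContent-Type: application/pkcs7-signature\r\n\r\nMIIB\r\n--b1--\r\n")

if __name__ == "__main__":
    print("extra blank lines :", survives(BODY, BODY + b"\r\n\r\n"))
    print("whitespace change :", survives(BODY, BODY.replace(b"hello  world ", b"hello world")))
    print("part content edit :", survives(BODY, BODY.replace(b"MIIB", b"MIIC")))
```

Because `bh=` is covered by the header signature, a verifier can find the RSA check intact while this comparison fails, which is the "pass coupled with a body hash change" case counted separately above.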