ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-dkim] draft-ietf-dkim-rfc4871bis-03: issues with 'z= Copied header fields'

2011-03-11 12:12:49
from [Mark Martinec] [Permanent Link] 
Section 3.5. of draft-ietf-dkim-rfc4871bis-03 describes the 'z' tag.
I have two comments on this tag.

issue #1. When dealing with an implementation, I realized that the
specification text has nothing to say on the *order* of header fields in
the 'z' tag. It does say that any header fields may be included, and that
this list has no direct correlation with a list of signed header fields,
i.e. the 'z' may include more, or less or different header fields than
the 'h' list.

As this tag mainly serves troubleshooting and statistics purposes, the
unspecified order may not be a serious issue. It is also not common
to include multiple occurrences of header fields, but that may just
as well be useful, e.g. Resent-*, Received, X-* fields.

It would be beneficial if the rfc would at least recommend one order.
It may seem obvious that a top-down order comes naturally, but
considering that a signing algorithm walks through multiple occurrences
of header fields bottom-up, the top-down order may no longer appear
so natural.


issue #2: The text for the 'z' tag includes the following:

  Header fields with characters requiring conversion (perhaps from
  legacy MTAs that are not [RFC5322] compliant) SHOULD be converted
  as described in MIME Part Three [RFC2047].

I find this confusing. If the purpose of this paragraph is to remind us
that a mail message header section must not be malformed, i.e. must
adhere to the 7bit ascii, etc., then I don't think this text belongs here.
A mail header section should be sanitized / converted to QP or
whatever is needed before signing, so there is no issue for rfc4871
or its 'z' tag here.

If however the above paragraph is to be understood that, despite knowing
that a mail header section contains improper characters, the DKIM signer
should QP encode them on its own for the purpose of forming the 'z' tag,
knowing that the actual mail header will not be sanitized, then I find it
clearly wrong. The purpose of the 'z' tag is to convey the actual text of
header fields as presented to a signing algorithm. Passing a sanitized
form to 'z' and unsanitized to the signer goes against the purpose of
the 'z' tag.

In short, I think the paragraph should just be removed.

  Mark
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Comments on draft-ietf-dkim-rfc4871bis-03, Hector Santos
Next by Date:  [ietf-dkim] draft-ietf-dkim-rfc4871bis-03: issue with 'k= Key type', Mark Martinec
Previous by Thread:  [ietf-dkim] Comments on draft-ietf-dkim-rfc4871bis-03, Jim Fenton
Next by Thread:  Re: [ietf-dkim] draft-ietf-dkim-rfc4871bis-03: issues with 'z= Copied header fields', Murray S. Kucherawy
Indexes:  [Date] [Thread] [Top] [All Lists]