ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] I-D ACTION:draft-ietf-dkim-mailinglists-08.txt

2011-05-08 02:24:39
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Franck Martin
Sent: Friday, May 06, 2011 9:32 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] I-D ACTION:draft-ietf-dkim-mailinglists-08.txt

Sorry if I jump in, some comments:

+1 to Barry's comment about this being a week late.  :-(

4.3 it would be nice to talk about message encoding change like QP->8bits,
may be in minor or major body changes. It is a minor change for the human
but major for the machines as many characters got changed.

Which MLMs do this?  I've never heard of that.

5.1 "Some mail filtering software incorrectly penalizes a message
containing a DKIM signature that fails verification." You should
remind/add that a message that fails DKIM must be considered like having
no signature at all. Then you can bring ADSP, policy in the picture, and
there ADSP too will not make the difference if a message has no signature
or a failed signature. I have the feeling that making the point clears
helps in building message policies (out of scope of this document).

I don't think it's necessary to add at this point; we've already stated that 
DKIM itself is mandatory reading, plus it seems redundant to say that after the 
"incorrectly penalizes" remark.

Moreover, ADSP does indeed make a difference if a message has no signature or a 
failed signature, so that part seems wrong to me.

And finally, if the point of adding such a remark is to enable policy 
discussions, but policies are out of scope, then it seems like adding it is a 
bad idea.

"such as a signing and author subdomain {DKIM 12}" -> "such as a signing
and author subdomain {DKIM 12} or a totally different domain"

I'm on the fence on this one.  Does anyone else have an opinion?

5.2 There are some professional services that allows to look in to
reception at some providers

Do you have some specific text you want to propose here?  I couldn't imagine 
any based on this comment.

5.3 postmaster should inform their users that messages are likely to be
discarded if sent via a MLM.

Is this inbound or outbound?  I assume inbound given the title of the section.  
But again I couldn't concoct text in my head to match your remark.  Can you 
propose some?

6.8 talk about headers to add to the message but do not talk which
recommended headers should be signed. They are specified in DKIM 5.5 but
would be nice to do a reminder here specific to MLM.

It says to sign the entire message.  There was previously text in there that 
made specific recommendations about what to sign, like "sign any fields the MLM 
added or changed" or "sign the parts for which you want to take some 
responsibility", but the text that's there now won in the end.

Speaking of DKIM 5.5, List- headers are recommended to be signed, but
doesn't it creates confusion?  My feel is that they should be signed only
if present in the message, if they are not present DKIM should not mention
them in h= at all.

The text after the list in the current RFC4871bis Section 5.5 handles this 
topic nicely, I believe.

-MSK

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html