John R. Levine wrote:
Hi Hector,
At 15:20 14-05-2011, Hector Santos wrote:
Shouldn't the MLM I-D say something regarding C14N and CR/LF related
mutations?
No.
+1 to the No.
I have my reservations about the draft, but this is not one of them.
In general, I would say NO too because I don't like kludges.
My point is that the draft is already peppered with scenarios about
how MLM can break things and it properly classifies the known simple
"list-like" type of "alias" address expanders that in general, the
messages is not altered.
Of course, we all know its not the only kind; a real List Server
always provides list admin options to not alter things like the
IETF-SMTP list seems to be been setup (with mailman?).
But here, it appears it does add a extra <CRLF> after the headers.
So my question is about whether we should provide an "informative
implementator" insight that there may be an extra <CRLF> generated by
non-DKIM aware list. It can make all the difference in a valid versus
invalid DKIM signed submission to a non-DKIM aware MLM, which BTW, I
did add logic to my verifier to check for this extra <CRLF> when a
BODY_HASH error first occurs and redo the hash without it. It works!
But I am probably going to add a condition based on LIST-ID to
enable this check.
I fail to see why we would not be interested in giving verifiers some
insight into this real live scenario.
Is it because its a more general DKIM issue and ideally belongs in
RFC4671bis (too late)?
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html