ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New canonicalizations

2011-05-16 11:48:11


On 5/16/2011 10:40 AM, Mark Delany wrote:
On 16May11, Alessandro Vesely allegedly wrote:
On 16/May/11 15:41, John R. Levine wrote:
http://www.opendkim.org/stats/report.html#hdr_canon says

Header canonicalization use:
canonicalization   count   domains passed
simple               653688        6786    591938
relaxed              3940377       56621   3640854

Although they only differ by 2% (90% simple vs 92% relaxed), such
percentages would be superb for tools like Spamassassin.  I'd expect
at least 99% from a cryptographic tool.

This tells me that the benefit from relaxed is at most pretty small.

OTOH, comparing the "count" fields of those two lines, 86% relaxed vs
14% simple, says that such kind of benefit is really really wanted.

But that's a perceived benefit, not an actual one.

I agree that the above does not give us insight into actual benefit.  Rather, 
it 
tells us something about beliefs and goals of signers; they chose one or the 
other because they /believed/ it would be helpful. As to whether it really was, 
we can't see here.


Folk think they need "relaxed" to significantly increase survivability
but that's not the case given the stats above. So yo may be right that
folk really really want it, but they don't really really need it.

Sorry, but I believe the above also does /not/ help us to understand actual 
survivability differences.

To assess that difference, the experiment needs to send the same set of message 
twice, one with each type of canonicalization, and then see what the survival 
differences are.

The problem with the above is the biasing factor of signers' choosing to use 
one 
or the other, based on criteria we can't know about.  Their criteria might have 
greatly affected actual survival rates.  Or might not have...


d/

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html