ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New canonicalizations

2011-05-18 15:50:24
Murray S. Kucherawy wrote:

Ian wrote:
These aren't contradictory. If spammers are spreading their load across
large numbers of domains, then it's entirely feasible that top 1000
signing domains are not spammers, but that spammers collectively are
(or will one day be) responsible for over 50% of signatures. I don't
know whether that's the case though.

The contradiction is in the assertion that primarily spammers 
are using relaxed/relaxed, not the quantity of domains involved.

I don't believe that was the correct assertion stated.

More correctly, in my PCN, for the quantity of domains involved, the 
majority were unknown spammers and by far, most of these used 
relaxed/relaxed.  It is a PCN empirical conclusion based on data 
reduction which I assert is not entirely random (when it comes to DKIM).

Whatever the actual reason, since its not the default and the reality 
the option exist and serves a purpose, there is an reasonable 
practical explanation there is a certain population of domains seeking 
the path of least resistance with reduced accidental <cr><lf> 
injections and mutations along the path as its very possible to occur 
in our heterogeneous networks of Unix (LF), MAC (CR) or DOS (CRLF) 
transport, gateways and storage I/O differences.

I think the main point in all this is whether any formulas can be 
developed or as you may state, use for developing standards.

I don't think there is anything reliable there from I can see, but its 
not unreasonable for one to hypothesize that there might be a direct 
correlation between the number of hops and the tendency to use 
relaxed/relaxed. It might be interesting to see if that may be a 
motivation for using relaxed/relaxed:

      c-param vs ave # of hops (received lines)

If this tibit turns out to be statistically true,  then I think the 
only thing we can say is that "we did our job" to provide a relaxed 
C14N method to lower the transport mutations issues for those domains 
who need it.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html