On 23 May 2011, at 17:10, Hector Santos wrote:
Ian Eiloart wrote:
On 23 May 2011, at 15:19, Hector Santos wrote:
But why skip? Usually the message won't be downgraded. And even if they
are, usually a broken signature will cause no harm.
That's the problem - define "usually" and also define "no harm."
Well, harm will only be done when someone incorrectly punishes a broken
signature. They should not do that,
Rhetorically, why not? Put another way, why should a receiver tolerate
failure, or better, why should DKIM itself - the technology - tolerate
failure? Sounds like DKIM has some inner soul turmoils - a devil on one
shoulder and angel on the other.
Because there are known to be paths that break DKIM signatures. And because of
this: http://www.apps.ietf.org/rfc/rfc4871.html#sec-6.3
so the damage is actually done by the recipient, not by the downgrading.
Well, that's a difference in two reasonable mindsets - a receiver who views
faults as part of the strength of securing a technology and a receiver who
tolerates faults - accepts everything including ones that are directly and
indirectly created and passes the buck to end-users. I like to believe there
exists a commonality where false positive deterministic methods can be used to
detect violations of an authentication and integrity technology.
Rhetorically, it's all for nothing, why bother looking at how to fix C14N
hashing, talk about content formatting downgrades when failure is tolerated
and per specification, deliberately ignored?
Because success has value, if you have a good reputation as a signer.
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html