> -----Original Message-----
> From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
> [mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Alessandro Vesely
> Sent: Friday, May 27, 2011 10:09 AM
> To: ietf-dkim(_at_)mipassoc(_dot_)org
> Subject: Re: [ietf-dkim] New canonicalizations
>
> By introducing a loose canonicalization we may learn whether signature
> survivability affects DKIM adoption. If wider usage introduces
> attacks, we can switch back to current canonicalizations --in case
> downgrades will have gone away-- or design yet another one,
> approaching just the tightness we need. My appeal is for not imposing
> monotonicity to successive approximations, and allow erring on the
> too-loose side as well.

So what, for example, would you do differently? The unfortunate thing about
the way the crypto works is that you get a failure, but you don't know for sure
what changed other than "it was in the header" or "it was in the body". "z="
sometimes gives you details about the former but it's not in widespread use.
I'm all for including experimental code in future releases of our stuff,
especially if it's an experiment other implementations are trying. But I need
to see a spec first, or enough detail that I could write one.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
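
Added example, not part of the original message or of any DKIM implementation: a sketch of how a verifier could use the "z=" copied header fields mentioned above to name which signed header changed after a failure. The signature value, addresses and received headers are constructed, and bh=/b= are placeholders, so no cryptographic check is performed.

```python
import re

def parse_tags(sig_value):
    """Split a DKIM-Signature field value into its tag=value pairs."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = value.strip()
    return tags

def dkim_qp_decode(text):
    """Decode dkim-quoted-printable: drop folding whitespace, then =XX."""
    raw = re.sub(r"\s+", "", text).encode("ascii")
    raw = re.sub(rb"=([0-9A-F]{2})", lambda m: bytes([int(m.group(1), 16)]), raw)
    return raw.decode("utf-8", "replace")

def relaxed(value):
    """Relaxed header canonicalization of a field value: collapse whitespace."""
    return re.sub(r"\s+", " ", value).strip()

def copied_fields(sig_value):
    """Return {lowercased name: decoded value} taken from the z= tag."""
    fields = {}
    for item in parse_tags(sig_value).get("z", "").split("|"):
        if ":" in item:
            name, value = item.split(":", 1)
            fields[name.strip().lower()] = dkim_qp_decode(value)
    return fields

def changed_headers(sig_value, received):
    """Signed header names whose received value differs from the z= copy."""
    signed = [h.strip().lower() for h in parse_tags(sig_value)["h"].split(":")]
    copies = copied_fields(sig_value)
    got = {k.lower(): v for k, v in received.items()}
    return [h for h in signed
            if h in copies and relaxed(copies[h]) != relaxed(got.get(h, ""))]

# Constructed sample: bh= and b= are placeholders, nothing is verified here.
SIG = ("v=1; a=rsa-sha256; c=relaxed/simple; d=example.com; s=sel; "
       "h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER; "
       "z=From:alice@example.com|To:list@example.org|"
       "Subject:New=20canonicalizations")
# Constructed received headers: a list has prefixed the Subject.
RECEIVED = {"From": "alice@example.com", "To": "list@example.org ",
            "Subject": "[ietf-dkim] New canonicalizations"}

if __name__ == "__main__":
    print(changed_headers(SIG, RECEIVED))
```

The comparison only works when the signer emitted "z=", and it covers header fields only; a body change still shows up as nothing more than a body hash mismatch.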