At 09:33 PM 9/17/2004 +0100, David Woodhouse wrote:
> On Fri, 2004-09-17 at 12:18 -0700, Miles Libbey wrote:
> > --- David Woodhouse <dwmw2(_at_)infradead(_dot_)org> wrote:
> > > Second, it should be resilient to the common mangling which messages
> > > may encounter in transit -- in particular the addition of text to the end
> > > of a mail by mailing lists, by idiotic disclaimers and by self-advertising
> > > virus checkers.
> >
> > We should be careful in this requirement. Poking holes in
> > authentication means more chances for abusers. If we were to allow any
> > content at the end for instance, spammers may be able to figure out how
> > to replay legit messages and append their phishing information to the
> > end.
>
> True. But I'd observe that the sender can happily convey the information
> about precisely what was sent -- and it's up to the recipient to
> determine how much mangling is acceptable.

Which raises a good question: shouldn't the sender have something to say about
this? Might some senders insist that their messages are sent perfectly in
order to verify their signature, while others might be more lax (perhaps
because they know they're going through a mailing list)? Both DomainKeys and
the next revision of IIM have provision for specifying a canonicalization (see
the b: tag on the IIM-Sig header on this message for a sample). Should we have
a signature for the strict (non-canonicalized) form of the message as well, to
give that option to the recipient as well?
-Jim
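
An added example, not part of the original message and not code from DomainKeys or IIM: a sketch of the trade-off discussed in this thread, where the sender conveys both a strict and a relaxed digest of the body and the recipient decides how much appended text to tolerate. The canonicalization rules, function names and the `max_appended` policy knob are assumptions made for illustration, and the digests are assumed to travel inside a header that is itself signed.

```python
import hashlib

def canon_relaxed(body: str) -> bytes:
    """Hypothetical relaxed form: CRLF line ends, trailing whitespace
    stripped per line, trailing empty lines dropped."""
    lines = [ln.rstrip() for ln in body.replace("\r\n", "\n").split("\n")]
    while lines and lines[-1] == "":
        lines.pop()
    return "".join(ln + "\r\n" for ln in lines).encode()

def sender_digests(body: str) -> dict:
    """What the sender conveys (assumed to be covered by the signature)."""
    relaxed = canon_relaxed(body)
    return {
        "strict": hashlib.sha256(body.encode()).hexdigest(),
        "relaxed": hashlib.sha256(relaxed).hexdigest(),
        "length": len(relaxed),  # canonical bytes the sender actually covered
    }

def check(received: str, d: dict, max_appended: int = 0) -> str:
    """Recipient policy: max_appended is how many unsigned trailing bytes
    this recipient is willing to accept (0 = none)."""
    if hashlib.sha256(received.encode()).hexdigest() == d["strict"]:
        return "strict-ok"
    relaxed = canon_relaxed(received)
    if hashlib.sha256(relaxed[:d["length"]]).hexdigest() != d["relaxed"]:
        return "fail"  # the covered content itself was altered or truncated
    appended = len(relaxed) - d["length"]
    if appended == 0:
        return "relaxed-ok"  # only whitespace / line-ending changes
    return "relaxed-ok-with-trailer" if appended <= max_appended else "fail-appended"

# Constructed sample messages (not taken from the thread).
SENT = "Hello\nPay invoice 42.\n"
WITH_FOOTER = SENT + "\n-- \nlist footer\n"

if __name__ == "__main__":
    d = sender_digests(SENT)
    for policy in (0, 200):
        print(policy, check(WITH_FOOTER, d, max_appended=policy))
```

A recipient that sets `max_appended` to 0 gets the strict behaviour Miles argues for; a larger value accepts a mailing-list footer but should treat everything past `length` as unauthenticated text.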