Re: Web pages for MASS effort


...... Original Message .......

Presuming you're referring to features like canonicalization, body 
length count, and header copying,


yes. 

 However canonicalization is merely related to minor syntax changes.  The 
other two are trying to protect against some types of semantic changes (but 
not others.)


in IIM there is no ambiguity as to

what the sender chose.  It is all


the ambiguity is at the system and architecture level not with the iim 
spec. 

The heuristcs inviolve the utility of the mechanisms.

  Iim is 'guessing' that it will cover a useful set of semantic changes to 
the message. That is the techniques are thenselves heuristics.

I'm receiving a certain amount of DK-signed mail now.  Virtually none of 
it verifies successfully because it has passed through a mailing list 
that did something (usually minor) to the message.


the requirement is to get mailing lists to do the signing, not to create 
long term standards hacks trying to get around situations in which an 
entity posts a new message that looks a lot like an old message that 
happened to be signed.

By the way, the semantics of this distinction is much clearer if the 
signing is done by the 822.sender and not the 822.from.

  Requiring mailing lists, in all cases, to sign their messages 
greatly slows the usefulness of any signature mechanism.


My own experience is that adoption is speeded by simplicity and directness 
of a specification and its use.

from a systems and architecture standpoint this is neither.

Describing it as an "arms race" implies that the operators of mailing 
lists are actively working to defeat signature-based mechanisms, which 
is not the case.  We aren't trying to track intermediary behavior going 
forward, just to accommodate widespread legacy behavior.


It is an arms race because it involves partial effort to defeat processes 
that are hostile to the message.  As the inadequacies of the partial 
mechanism get reactions from users there will be increasing pressure to add 
more hacks.

Let me be very clear.  The problem is not with mailing list developers or 
operators.  

The problem is with our own view that they are not full fledged originators 
of mail.

_
Dave Crocker
Brandenburg InternetWorking
brandenburg.com

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Web pages for MASS effort, (continued) Re: Web pages for MASS effort, Jim Fenton Re: who's the responsible party?, John Levine Re: Web pages for MASS effort, Justin Mason Re: Web pages for MASS effort, Jim Fenton Re: Web pages for MASS effort, Dave Crocker Re: Web pages for MASS effort, Tony Finch Re: Web pages for MASS effort, Dave Crocker Re: Web pages for MASS effort, Michael Thomas Re: Web pages for MASS effort, Tony Finch Re: Web pages for MASS effort, Jim Fenton Re: Web pages for MASS effort, Dave Crocker <= Re: Web pages for MASS effort, Michael Thomas Re: Web pages for MASS effort, Douglas Otis Re: Web pages for MASS effort, Dave Crocker Re: Web pages for MASS effort, Dave Crocker Re: Web pages for MASS effort, Jim Fenton Re: Web pages for MASS effort, Dave Crocker Re: Web pages for MASS effort, Michael Thomas Re: Web pages for MASS effort, Dan Wing Re: Web pages for MASS effort, Dave Crocker Re: Web pages for MASS effort, Dan Wing

Previous by Date:	Re: Web pages for MASS effort, Dan Wing
Next by Date:	Re: Web pages for MASS effort, Michael Thomas
Previous by Thread:	Re: Web pages for MASS effort, Jim Fenton
Next by Thread:	Re: Web pages for MASS effort, Michael Thomas
Indexes:	[Date] [Thread] [Top] [All Lists]