ietf-mailsig
[Top] [All Lists]

Re: The end points are PEOPLE

2004-12-21 12:14:39

On Tue, 2004-12-21 at 10:31, Jim Fenton wrote:
Douglas Otis wrote:

<snip>

I suggested another method would be to flip how Resent-Sender and Sender
are handled in the case of user forwarding.  Normally the intent is to
leave the message appear as if there are no changes to its content. 
Obviously, applying a new signature would remove an assurance nothing
has changed.  One could view the use of Sender the best header for
referencing a signature, but what happens when this message is forwarded
by the User.  They typically want to preserve the From.

When you say "flip" it makes it sound like there is exactly one 
Resent-Sender, and that's not necessarily the case.  I suppose you could 
define which one (probably the first) gets swapped.  But what happens if 
the message gets verified in more than one place?

I assume you mean that the header's original order must be restored.  I
was suggesting the side effect of not restoring their order may be
considered a benefit in the case of signatures, as this would draw
attention toward the signer, when the Sender header is investigated. The
added notation, especially if the signature is valid, would indicate
what the headers actually contains as well as a signature history of
sorts.  What is the downside from not restoring their order?  The
resender (signer) would appear to be the party introducing the message
rather than an office administrator now once removed?  This information
would not be lost however and the Originator (From) information would
not be affected.  The use of the Sender header together with signatures
changes how these Sender headers cascade.

With the pretty-name rewriting hack, it's possible to verify multiple 
times if there's a reliable original version of the From header (e.g., 
the copied From header in IIM).  Each time the verification happens you 
start with the pretty-name on the original From header.

Both techniques could be used.  There is still the problem of locking
down a header, if we wish to use an existing header to reference
signature validations.

-Doug





<Prev in Thread] Current Thread [Next in Thread>