On July 14, 2005 at 18:24, "Hallam-Baker, Phillip" wrote:
> > More generally, I think the "simple" approach does too little
> > and the "nowsp" does too much. As you say, dropping all the
> > internal space from the body leaves the door open too far.
> I don't see how this is likely to result in a vulnerability unless the
> sender is complicit in the construction of the message.
What you see now and what happens in the future may be two different
things. I think if you have a chance to minimize the amount of
mutations allowed (with no real cost in performance) you should do
it.
Now, I can see something like DKIM (or Meta-Signatures) used for
applications where integrity of the data is important, and something
like losing all whitespace should cause a verification error.
> Let us remember here that empirically it has proved much easier to fix
> broken crypto systems than to deploy over-engineered crypto systems.
In this case, I see no over-engineering done. I see suggestions
that are practical and provide no real impact to performance.
If I am not mistaken, the body canonicalization algorithm I proposed
is very similar to what OpenPGP does. The only addition is
skipping all trailing LWSP at the end of the message.
The header canonicalization is a little more complex, but I see
nothing there that cannot easily be implemented.
--ewh
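The point the thread argues over (that "simple" rejects harmless transit mutations while "nowsp" lets meaningfully different bodies hash the same) is easy to see in code. The following is an added illustration, not code from the thread or from any DKIM implementation. The three canonicalizers are my own approximations: `canon_simple` drops only trailing empty lines, `canon_nowsp` drops all whitespace, and `canon_whitespace_tolerant` collapses runs of SP/TAB, strips trailing whitespace per line and drops trailing empty lines; the last one is modelled on the short description in the message above, not on ewh's actual proposal, whose details are not on this page. The message bodies are constructed.

```python
import hashlib
import re

# Constructed sample bodies (not from the thread).
SIGNED_BODY = b"Meet me now here.\r\n\r\n"   # what the signer hashed
BENIGN_BODY = b"Meet me now here. \r\n"      # same text, trailing space added in transit
ALTERED_BODY = b"Meet me\tnowhere.\r\n"      # whitespace moved: different meaning


def canon_simple(body: bytes) -> bytes:
    """Assumed 'simple' body canonicalization: remove empty lines at the
    end of the body and keep exactly one CRLF terminator. Every other byte
    (tabs, trailing spaces) is significant, so any transit mutation breaks
    the body hash."""
    stripped = body.rstrip(b"\r\n")
    return stripped + b"\r\n"


def canon_nowsp(body: bytes) -> bytes:
    """'nowsp' as described in the thread: drop all whitespace, including
    line breaks. Word boundaries disappear, so bodies that differ only in
    where whitespace sits canonicalize identically."""
    return re.sub(rb"[ \t\r\n]+", b"", body)


def canon_whitespace_tolerant(body: bytes) -> bytes:
    """Assumed middle ground (my approximation, not ewh's algorithm):
    collapse each run of SP/TAB to a single space, strip trailing
    whitespace from each line, and drop trailing empty lines at the end of
    the body. Word boundaries survive, but tab/space and trailing-space
    mutations do not change the hash."""
    lines = []
    for line in body.split(b"\r\n"):
        line = re.sub(rb"[ \t]+", b" ", line).rstrip(b" ")
        lines.append(line)
    while lines and lines[-1] == b"":
        lines.pop()
    return b"\r\n".join(lines) + b"\r\n"


def body_hash(canon, body: bytes) -> str:
    """Hash of the canonicalized body; this is the value a signature
    would cover."""
    return hashlib.sha256(canon(body)).hexdigest()


def verifies(canon, signed_body: bytes, received_body: bytes) -> bool:
    """True if the received body hashes to the same value the signer
    committed to under the given canonicalization."""
    return body_hash(canon, signed_body) == body_hash(canon, received_body)


def compare_all():
    """Return, per canonicalization, whether the benign and the altered
    body would still verify against the signed body."""
    result = {}
    for name, canon in (("simple", canon_simple),
                        ("nowsp", canon_nowsp),
                        ("tolerant", canon_whitespace_tolerant)):
        result[name] = {
            "benign_verifies": verifies(canon, SIGNED_BODY, BENIGN_BODY),
            "altered_verifies": verifies(canon, SIGNED_BODY, ALTERED_BODY),
        }
    return result


if __name__ == "__main__":
    for name, outcome in compare_all().items():
        print(f"{name:9s} benign={outcome['benign_verifies']} "
              f"altered={outcome['altered_verifies']}")
```

Run as a script it prints one line per canonicalization: "simple" fails the benign trailing-space change (too little tolerance), "nowsp" accepts the altered body whose meaning changed (too much), and the whitespace-tolerant variant accepts the benign change while rejecting the altered one, which is the property a verifier wants when it cannot know whether the sender was complicit.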