Dave Crocker wrote:
My main guideline is that the canonicalization process
does not undermine the meaning of the data.
I don't understand why preserving the "meaning" of the data is at all
relevant. The canonicalized form is, after all, a transient not intended to
be used in place of the true or original form at all.
Making sure we are all very clear about the nature and purpose of
canonicalization, as used by DKIM, is not a small point. Should there be
changes in the language of the draft to try to work harder, at ensuring the
reader understands this point?
Members of the list differ on what canonicalization is trying to
accomplish. We need to get consensus on that before we make much
progress on what the algorithm(s) themselves are. Here are some
possibilities:
1. Minimal changes to the message.
2. Only allow modifications explicitly permitted by RFC2822.
3. Do not alter the semantics of the message.
4. Do not provide a reasonable opportunity for abuse.
An algorithm in each category is sufficient for each succeeding category
(earlier categories are more conservative and later ones are more liberal).
As written, 'simple' is in category 1 and 'nowsp' is in category 4. If
we really want to preserve semantics, we need something other than
nowsp, but the goal (well, mine at least) was to prevent abuse, not
necessarily to maintain semantics. Is that the right goal?
-Jim