On 2005-08-03 14:44:13 -0700, Jon Callas wrote:
Forwarding, as in the MUA command, does frequently break things.
This is one of my peeves with MIME mail in general. This is a
problem with MIME, not with signing, however. I'm -- umm --
notorious? -- for my dislike of MIME email of any sort, and the
reason is that MUAs seem to handle it so badly. For example, my
usual airline insists on sending itineraries in MIME with lots of
prettiness in it, and if I want to forward my itinerary to
someone (and still expect them to meet me at the airport), I have
to render it into PDF and send the PDF.
I'm wondering about the relevance of that observation in the context
of DKIM -- is there any reason at all to assume that forwarding in
the MUA sense will leave a DKIM signature intact?
My guess would be that simple encapsulation in a message/rfc822 body
would leave it intact, but that's the case which works well for
multipart/signed, too.
The cases that would break multipart/signed look like they would as
well (or even more likely -- consider the impact of forwarding on
headers) break DKIM signatures.
(Which leaves your observation that there are lots of bad MUAs out
there. No doubt about that.)
Regards,
--
Thomas Roessler, W3C <tlr(_at_)w3(_dot_)org>