[Top] [All Lists]

Re: [ietf-smtp] DKIM andsmtp extension model (was: Re: [Proposal] confusing parts of the mail system, was 250-MARKDOWN)

2019-02-01 02:11:19
In article <F5A0D1E3B5FC14EEFBB6C7E7@PSB> you write:

skipping over all the parts I agree with ...

...  When the EAI WG was
doing that work, it was clear that interactions with DKIM were
unspecified and fairly clear that DKIM was not going to work
with such addresses and message headers without some careful
thinking and specification adjustments. ...

DKIM turns out to be OK on SMTPUTF8 mail.  So long as you do the DKIM
signing after all of the cleanup that submission does, the signatures
are fine.  If something later recodes or reorders body parts, the
signatures will break, but that's hardly unique to EAI.  DKIM has some
optional canonicalization rules for computing the hashes which turn
out to be useless.

I strongly disagree. It depends on whether you're talking about headers or
bodies. Relaxeded header canonicalization is incredibly useful. Relaxed body
canonicalization, not so much.

Hashes using the complicated fuzzy rules don't
work any better than the simple rule that says hash everything
verbatim except drop blank lines at the end of the message.

For messages bodies, yes. The situation with headers is different - the
relaxed case is easy to implement and gets mesages past certain
transformations that otherwise would break the signature.


ietf-smtp mailing list