Eliot Lear said...
I'd have to go further than what you wrote. I believe the document
should explicitly discuss interactions with DKIM, as that document is in
front of the IESG at this time for approval as a Proposed Standard.
Many modifications to a message will invalidate a DKIM signature. It
may be possible for an OPES agent to resign, but there are implications
there too that should be discussed.
I'm with Ted here: this is a very high-level document, not one that's
actually specifying the OPES SMTP "adaptation". Perhaps (just perhaps;
I'm not convinced of that either) the final adaptation specification
should talk about DKIM. But not this one.
In particular, I'll note that there are many places where a mail message
can be modified today, in ways that break the DKIM signature -- in an
SMTP server, in a Sendmail milter, in a Sieve script, in a mailing-list
expander, and so on. Think of OPES in SMTP as a standardized version of
Sendmail milter (which would, I hope, fix some of the unfortunate
limitations of the latter). Sure, there are things it might do that
could invalidate DKIM signatures. And there are lots of things it might
do that won't.
Apart from a note that says, "Changing the message might invalidate DKIM
signatures, so go look at the DKIM spec and make sure you understand
what you're doing," I don't see what some future OPES SMTP adaptation
document should do about this. And I certainly don't see what this
document should do about it.
Barry
--
Barry Leiba, STSM, Internet Messaging Technology
(leiba(_at_)watson(_dot_)ibm(_dot_)com)
http://www.research.ibm.com/people/l/leiba
http://www.research.ibm.com/spam
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf