[dkim-dev] Choosing sets of headers to sign

Hector Santos hsantos at santronics.com
Fri Jan 12 14:58:47 PST 2007


Douglas Otis wrote:
> 
> On Jan 12, 2007, at 12:44 PM, Hector Santos wrote:
> 
> Consider this: Spammers will be the first to implement a change.

Actually, bad guys do not have to change because DKIM-BASE is not forcing 
signature requirements.

> So should a header containing "<utf8 at utf-8 [ascii at ascii]>" be signed?
> 
> What heuristics are reasonable to recover from a downgraded <utf8 at utf-8 
> [ascii at ascii]> or <utf-8 at utf-8> header?

I doubt this will have any impact on the email world any time soon, if 
ever.  Don't assume vendors are going to willy-nilly add things that are 
illogical and risk breaking across many fronts.  The FROM: is one of 
them.  So from my standpoint, it doesn't apply.

Besides passthrus/routers shouldn't be changing anything in route and 
EAI is basically the realm of the initial creator and MDA backend and/or 
MUA supporting it which is BEFORE and AFTER the fact.  Not the 
transports where DKIM is currently designed for.  EAI may be a problem 
for your MUA DKIM ambitions but it isn't for transports.

> A restrictive policy used to solve these issues will reduce DKIM's 
> delivery integrity.  An associative policy solving this problem will 
> increase DKIM's delivery integrity and even permit better protection.  
> Unfortunately, the current header signing requirements will create an 
> immediate reliability problem that will surely be exploited.

You keep going on and on and on and on to a different DESIGN that DKIM 
is not designed for.  Something that I have seen no one is interested in 
or agrees with you.  So why do you do this?  When will it end?  It 
doesn't matter what anyone writes, you will keep bringing up the same 
thing over and over again.  It's getting monotonous, Doug.  So why do 
you keep doing this?

---
HLS
