[ietf-dkim] 1193 considered harmful
Hector Santos
hsantos at santronics.com
Mon Mar 27 01:39:47 PST 2006
----- Original Message -----
From: "Michael Thomas" <mike at mtcc.com>
To: "Barry Leiba" <leiba at watson.ibm.com>
> Barry Leiba wrote:
>
> >> However we have so far preserved the ability of a pre-IETF signer to
> >> work with a post-IETF DKIM verifier. (So, Barry's statement is true,
> >
> > > but I'm not sure it addressed the concern.
> >
> > I believe my text, or a reasonable variant of it (modulo Paul's
> > concerns, for instance) preserves this ability. Do you disagree?
> > Perhaps, if you do, changing a SHOULD to a MUST would fix that?
>
> This has never been in dispute. It's not backward compatible for the
> receiver and that has *always* been my concern.
But Mike, isn't it already non-backward compatible when "relaxed" was added
within the last few months? Did you have a concern then or was Relaxed a
required new feature?
In my opinion this bodyhash proposal has major set of more benefits for the
receiver than this single idea this relaxed change addressed. Relaxed only
addressed, I believe, a security concern. The bodyhash address all sorts
of real issues that will happen on a every day basis across the board such
as error detection and overhead reduction and optimization. Yet, it was
deem necessary to break all the imaginary widely adopted systems out there
using the older original DKIM spec. I could be wrong, but I don't even
remember it (relaxed) even being discussed in the list - the change just
appeared out of thin air when the current proposal was released.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
More information about the ietf-dkim
mailing list