[ietf-dkim] Base-02 //Deprecated Signature Version & New List

Eric Allman eric at neophilic.com
Thu Jun 22 10:45:06 PDT 2006


There are many reasons I don't like this proposal.  Let me start with 
the easily fixed ones:

(1) Overloading existing tags to add new functionality is absurd. 
Adding "d" to the end of the version has nothing to do with the 
version; this should be a flag.  Similarly, changing the n= tag 
(which is supposed to be nothing more than human-readable "note" 
text) to have additional semantics is bizarre; it should be a new tag.

(2) I'm getting a bit tired of seeing new terms used that have never 
been defined.  What's a VAQ value?  Based on Google it seems to mean 
"Value Added Quest" (a competition for all West Australian students). 
Or maybe Scotiabank's "Value Added Quarterly".  It's also a military 
abbreviation for "Naval Tactical Electronic Warfare Squadron" 
(derivation unclear).  Oh wait, maybe it means the values of the v=, 
a=, and q= tags.  Now why not just say that in the first place?

And the more basic issue:

(3) Wasn't the issue of downgrade attacks discussed in Dallas and 
resolved on the list?  In specific, it was issue 1196 (Upgrade 
indication and protection against downgrade attacks).  As near as I 
can tell, the exact same issues that Doug is raising were discussed 
in this issue, and a frankly much more elegant approach was proposed. 
Why is this issue alive again?

eric

