[ietf-dkim] Possible problem with "simple" body canonicalization -- trailing CRLFs

John L johnl at iecc.com
Wed Jul 19 18:23:02 PDT 2006


> Your information is out of date. RFC 1830 was superseded by RFC 3030 in
> December 2000.

Oops.

> Well, one thing I do worry about is the assumption some folks keep making that
> the transport infrastructure doesn't, or isn't supposed to, mess around with
> message content. Like it or not, operations like encoding downgrading (or
> upgrading) are an explicit part of the email architecture and have been ever
> since MIME came out. ...

I think we're in violent agreement here.  Every time a message passes 
through a relay, the relay modifies it somehow.  Ideally, the message 
would be DKIM signed by the sending domain's outgoing mail relay and the 
signature checked by the recipient's MX.  But since that's not always 
going to be possible, a design goal of DK and I hope DKIM is for 
signatures to survive typical relay behavior insofar as is practical.

To me this means that for stuff that is common, straightforward, and well 
understood, e.g., adding new headers, reordering some existing headers, 
and adding blank lines at the end, we have provisions to deal with that. 
For anything more complicated, forget it.  It's clear to me that for 
messages that don't end with CR LF (which is impossible in normal SMTP 
anyway) or that have bare CR or LF, the behavior of relay MTAs is varied 
and hard to predict, so the only useful advice we can give to people who 
want their signatures to work is Don't Do That.

If you want your signatures to work, be sure the message you're signing is 
as squeaky clean 2822 compliant as possible so as to give relay MTAs as 
little incentive as possible to make helpful modifications.  I realize 
that we have existing software and we can't always upgrade it, but if we 
want something that's designed to be resilient in the face of every known 
hostile MTA, we already have S/MIME and this is not it.  The existing 
simple canonicalization covers a large and useful set of relay MTA 
behavior, so I think we should declare victory and stop.

Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://johnlevine.com, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
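
Added example, not part of the original message or of any DKIM implementation: a sketch of "simple" body canonicalization as later published in RFC 6376 section 3.4.3, showing that the body hash survives blank lines appended by a relay but not a relay's rewriting of a bare LF, plus a pre-signing check for the two conditions the message warns about. The function names, the sample bodies and the assumed relay behavior (bare LF rewritten to CRLF) are constructed for illustration.

```python
import base64
import hashlib
import re

CRLF = b"\r\n"
# A CR not followed by LF, or an LF not preceded by CR.
BARE_CR_OR_LF = re.compile(rb"\r(?!\n)|(?<!\r)\n")


def simple_body(body: bytes) -> bytes:
    """'simple' body canonicalization: drop all empty lines at the end of
    the body, then end it with exactly one CRLF (an empty body becomes CRLF).
    Nothing else is touched, so bare CR/LF and inner whitespace are kept."""
    while body.endswith(CRLF):
        body = body[:-len(CRLF)]
    return body + CRLF


def body_hash(body: bytes) -> str:
    """Base64 SHA-256 of the canonicalized body, as carried in the bh= tag."""
    return base64.b64encode(hashlib.sha256(simple_body(body)).digest()).decode()


def signing_hazards(body: bytes) -> list:
    """Conditions to fix before signing, because relays treat them
    unpredictably and simple canonicalization does not absorb the changes."""
    hazards = []
    if BARE_CR_OR_LF.search(body):
        hazards.append("bare CR or LF")
    if not body.endswith(CRLF):
        hazards.append("no trailing CRLF")
    return hazards


if __name__ == "__main__":
    # Constructed sample bodies.
    clean = b"Hello\r\nworld\r\n"
    padded = clean + CRLF + CRLF        # relay appended two blank lines
    dirty = b"Hello\nworld"             # bare LF, no final CRLF
    repaired = b"Hello\r\nworld\r\n"    # assumed relay rewrite of `dirty`

    print("clean vs padded  :", body_hash(clean) == body_hash(padded))
    print("dirty vs repaired:", body_hash(dirty) == body_hash(repaired))
    print("hazards in dirty :", signing_hazards(dirty))
```
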

