Fwd: Re: [ietf-dkim] Introducing myself
chl at clerew.man.ac.uk
Thu Dec 7 02:41:32 PST 2006
On Wed, 06 Dec 2006 16:36:32 -0000, Wietse Venema <wietse at porcupine.org>
> Charles Lindsey:
>> That was quite some time ago, so to refresh your memories, I had been
>> claiming that DKIM-base would fail to verify if some message had its
>> Content-Transfer-Encoding changed en route,....
>> It is less that 140 lines of Perl (excluding comments and empty lines).
>> Hardly any "orders of magnitude" in evidence there.
> Actually, it's 128 lines. But that's a minor detail.
Hmmm! I actually counted 138 :-( .
> My concern is about interoperabilitity. With the present design,
> senders and recipients who exchange QP or Base64 content only need
> bug-compatible MIME processors in their respective MUAs.
I have little sympathy with implementations that don't adhere to standards.
> When DKIM signers and verifiers are requird to up-convert QP or
> Base64 content before computing signatures, we also require that
> all DKIM signers and verifiers have bug-compatible MIME processors.
> That is, bug-compatible with every MUA.
However, it is not as bad there as you suggest. Provided the c14n is
correctly implemented at both ends (and there is never any room for
incorrectly implemented c14n), it does not matter if some buggy MUA
produces bad Q-P or Base64, because the c14n will treat it the same way at
both ends. But the specification of the c14n has to be very tightly drawn.
It *does* matter if some MTA that downgrades 8BITMIME en route gets it
wrong. And I need to look into that (I have the source code of sendmail to
hand). Fortunately, RFC 2045 defines pretty exactly how Q-P and Base 64 is
to be done, especially as regards which CRLFs belong to the text being
(en/de)coded, and which to the structure of the multipart.
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-dkim