[Fwd: Re: [ietf-dkim] canonicalized null body and dkim]
Michael Thomas
mike at mtcc.com
Wed Dec 20 07:37:44 PST 2006
Stephen Farrell wrote:
> If the two fixes differ in how they affect signature robustness then
> that is a significant difference. Can you elaborate? (Sorry, I'm not
> a mail person so I don't get all the nuances of what can happen to
> the last few bytes of a message.)
Simply stated, as the draft is currently worded, the simple body
canonicalization
will be immune to additions *and* deletions of of CRLF's at the end of
the body
in all cases. The proposed change to the normative behavior, on the
other hand,
will not be immune to deletions. Deletions are something that happen in
real life,
and we have experienced then. Changing the normative sense of the draft
at this
point will reduce the number of verified messages.
I will also add that finding this has been an extremely maddening
adventure as
a developer. If we change it to what Mark and others are advocating, we are
condemning all future DKIM developers to find this problem themselves just
as I have and be faced with unpleasant alternatives of how to work
around it,
if they even find it in the first place. I don't wish my pain for this
one on anybody.
Mike
More information about the ietf-dkim
mailing list