[ietf-dkim] ISSUE: tag l=2 and dealing with leading blank lines for SIMPLE c14n.
Scott Kitterman
ietf-dkim at kitterman.com
Wed Jan 24 10:07:42 PST 2007
On Wednesday 24 January 2007 12:57, John Levine wrote:
> >> If the signer wants to make sure that messages are not subject to
> >> "append attacks", they shouldn't use l=. Use the default.
> >
> >IIRC, every time someone brings up l= problems, the response is don't use
> > it. Is there a problem it solves that we need it? If it's inherently
> > risky and should not be used, I'm wondering if it should even be in the
> > RFC?
>
> Personally, I have never thought that l= would be useful, but I was
> willing to leave it in the draft for the benefit of people who want to
> try it out. This document is in last call, it is nuts to propose
> opening it up to add yet more untried features of at most debatable
> utility.
>
> -99 to any proposed new features
>
Agreed. My question was mostly academic (should have said that I guess), but
if we are going to get into a long discussion about fixing problems with l=,
then the alternative of removing it seems worth considering (I'm not
proposing we have the long arguement, but if we do...).
Scott K
More information about the ietf-dkim
mailing list