[ietf-dkim] yet more of the usual list nonsense, was suspicious
Charles Lindsey
chl at clerew.man.ac.uk
Fri Oct 12 04:36:51 PDT 2007
On Thu, 11 Oct 2007 21:40:54 +0100, John Levine <johnl at iecc.com> wrote:
> Well, if we assume that we can wave our wand and assume that there are
> DKIM signatures on usenet messages, which seems unlikely anytime soon,
> they wouldn't survive a gateway to e-mail anyway since the headers,
> although similar, are not identical.
Actually, DKIM should work quite well on Usenet if anyone wants to use it
(quite a lot of posters routinely sign their articles with PGP, which
makes them difficult to spoof).
And I don't see why the DKIM signature should not survive the gateway
unless the gateway did something really stupid like removing the
Newsgroups header (which would quite likely be signed, but is quite
harmless if left in an email - enables people to see that it was
originally a Usenet article). And the Gateway would be even stupider if it
tried to alter the From, Message-Id, Date, etc which are the same in both
media. There might be trouble if it tried to replace any Sender header
with itself.
>
> A DKIM based filter could work at the gateway, in either direction.
> That would be a swell place to check signatures.
Indeed so.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-dkim
mailing list