[ietf-dkim] Broken signatures, was Why mailing lists should strip them
vesely at tana.it
Fri Apr 30 05:03:47 PDT 2010
On 30/Apr/10 08:50, Murray S. Kucherawy wrote:
>> bounces at mipassoc.org] On Behalf Of Alessandro Vesely Sent: Thursday, April 29, 2010 10:55 PM
>> Yet, it would seem that by, say, hashing just invariants of binary representations of the first entity, e.g. discarding its white space and punctuation, one may reach very high percentages of unbroken retransmission.
> This sounds like what DomainKeys (RFC4870) called "nofws" canonicalization, which was discarded in favour of what is now "relaxed" in DKIM.
Not exactly, removing punctuation would also take lines beginning with
">from". For the body, we could peek any suitable baseline
tokenization and hash its results.
> I don't specifically recall the reasons now but I'm sure they're in the archives if someone else cares to dig that far back.
The reason is meticulous security, which makes mailing lists' contents
sleazy and illegitimate.
One is http://mipassoc.org/pipermail/ietf-dkim/2005q3/000002.html
(the previous part of the discussion is in some other archive or lost,
but much text can be read in the quoted part of the message.) It
"Amoeba yeast" to Amo ebay east
Another good summary of the driving thoughts is given in
(while discussing whether to keep body- "relaxed".) It exemplifies
Content-Type: image/jpegContent-Transfer-Encoding: base64
More information about the ietf-dkim