[ietf-dkim] MLMs and the use of multipart/alternative to preserve original DKIM signature and at the same time add a new DKIM signature

Tue Aug 3 10:34:55 PDT 2010

On 08/03/2010 06:53 PM, Michael Thomas wrote:
> On 08/03/2010 09:40 AM, Murray S. Kucherawy wrote:
>>> -----Original Message-----
>>> From: Michael Thomas [mailto:mike at mtcc.com]
>>> Sent: Tuesday, August 03, 2010 9:21 AM
>>> To: Murray S. Kucherawy
>>> Cc: Rolf E. Sonneveld; ietf-dkim at mipassoc.org
>>> Subject: Re: [ietf-dkim] MLMs and the use of multipart/alternative to
>>> preserve original DKIM signature and at the same time add a new DKIM
>>> signature
>>>
>>>> But didn't we also say that such reverified signatures don't get any
>>>> additional meaning with 'z=' reprocessing?
>>>
>>> Sorry, I don't understand.
>>
>> I guess I don't either. You're saying use of "l=" and "z=" got your 
>> mail-through-lists signature verification statistics up to 95%. 
>> However, RFC4871 says "Copied header field values are for diagnostic 
>> use" which I interpret to mean (and I think discussion on the list 
>> back then also agreed) that the information in a "z=" tag isn't 
>> supposed to contribute to the canonicalization algorithms, but 
>> instead can only be used for diagnostic purposes (i.e., "This 
>> signature failed, and via the 'z=' we know why... but it still 
>> failed.").
>
> Yeah, well, sue me for flipping that MUST NOT the bird. It works, z= 
> is signed
> by the originator, and it's probably as high a recovery rate that 
> you'll ever
> get going through mailing lists. We weren't proposing that it be part 
> of any
> standard, and our reasons had nothing to do with ADSP either. All I'm 
> saying is
> that if you want mailing list signature recovery, we've already done 
> that and
> wrung out about as much as can be hoped for.
>
> As I asked earlier, what is the purpose of this anyway? We were doing 
> it to
> deal with spear-phishing attacks. Maybe I've missed the motivation for 
> the
> mime thingy.

The motivation was the MLM draft document, par. 3.4. I quote:

<quote>
Changes that merely add new header fields, such as those specified by
[LIST-ID], [LIST-URLS] and [MAIL] are generally the most friendly to
a DKIM-participating email infrastructure in that their addition by
an MLM will not affect any existing DKIM signatures unless those
fields were already present and covered by a signature’s hash or a
signature was created specifically to disallow their addition (see
the note about "h=" in Section 3.5 of [DKIM]). The shortest path to
success for DKIM would be to mandate that all MLM software be redesigned
or re-configured with that goal in mind.

However, the practice of applying headers and footers to message
bodies is common and not expected to fade regardless of what
documents this or any standards body might produce. This sort of
change will invalidate the signature on a message where the body hash
covers the entire entire message. Thus, the following sections also
investigate and recommend other processing alternatives.

</quote>

It was my intention to add one such 'processing alternative'. Now the 
question is: does it cover the remaining 5% or not? And if so (if we 
could get to 100%), is it worth the (huge) effort to rewrite DKIM?

/rolf