[ietf-dkim] Comments on draft-ietf-dkim-implementation-report-01
sm at resistor.net
Thu Sep 30 18:51:44 PDT 2010
I have a few comments about
draft-ietf-dkim-implementation-report-01. The Abstract Section mentions that:
"This document contains an implementation report for the IESG covering
DKIM in support of the advancement of that specification along the
The Introduction Section mentions:
"Enclosed is a summary of collected interoperability data provided
from sources that are aggregating such information as well as from a
more formal DKIM interoperability event that took place in October
The information is more about deployment and than implementations
based on the RFC.
Are the participants mentioned in Section 3.1 implementors of RFC 4871?
In Section 3.4:
"The handful of interoperability issues described above that referred
to weaknesses or ambiguities in [DKIM] resulted in several errata
being opened via the RFC Editor web site."
There isn't any description of the interoperability issues in Section
3.3. Could references to the errata be included?
Section 4 is about deployment. It provides arguments against pruning
features from RFC 4871 as they are in use.
The results in Section 4.1.2 mention "Author vs. Third-Party". That
is more about ADSP than DKIM.
"Pass Rates for Non-List Mail: Where "list mail" is defined as any
mail not bearing one of the header fields defined in [LIST-ID] or
in [LIST-URLS], or a "Precedence: list" field, selecting only for
mail that is not list mail revealed a successful verification rate
of 93.6%; selecting only for list mail produced a 84.7% success
Is the 84.7% success rate for "List" mail?
Section 4.2 mentions Originator signatures. RFC 4871 does not
mention that type of signature.
Section 5.5 of RFC 4871 recommends that the Subject:, Date:,
MIME-Version:, Content-Type: and Message-ID: header fields SHOULD be
included in the signature. It is interesting to note that only the
From: header field is a always signed.
Section 5.5 of RFC 4871 also recomments that the Received: header
field should not be included in the signature. That header field is
signed in 59.7% of the cases observed.
Thanks to Murray for collecting and publishing useful data about DKIM.
More information about the ietf-dkim