[ietf-dkim] Updated implementation report
barryleiba at computer.org
Sat Oct 2 07:23:52 PDT 2010
I'd like to rein in discussion a bit, here. Or, perhaps more
accurately, separate the threads. It's fine if folks want to talk
about the relative value of some kinds of signatures relative to
others, and so on -- that sort of thing actually is on our charter.
But it's a separate item from getting an implementation and
interoperability report done.
To that end, let's make sure we keep the threads separate. John's
comment, to which I'm replying here (see below), is the sort of
comment that will help finish the implementation report. Let's take
comments about what we think the report tells us about the efficacy of
DKIM... to separate threads. Thanks.
Barry, as chair
On Fri, Oct 1, 2010 at 11:04 PM, John R. Levine <johnl at iecc.com> wrote:
>>> If this is the #1 reason that verifications fail, would there be room
>>> for a new canonicalization scheme, to improve verification rates?
> Seems to me it would be more appropriate to add a note saying something
> like be sure your headers are all RFC 5322 compliant before signing,
> including arcana such as quoting rules in address fields, to avoid
> signature failures due to helpful relay MTAs fixing the quoting errors on
> the way through.
> As far as figuring out who's doing what, it's hard to think of anything
> better than running a bunch of deliberately marginal messages through a
> variety of MTAs and see what happens. A couple of years ago I set up a
> forwarding project, in which I asked people to set up different MTAs to
> forward mail back to me, just so we could find out about this kind of
> stuff. The code has suffered severe bit rot but if people really wanted
> to use it, I could probably resuscitate it.
More information about the ietf-dkim