[ietf-dkim] ISSUE: non-ascii header text
dotis at mail-abuse.org
Thu Apr 21 10:57:24 PDT 2011
On 4/21/11 5:25 AM, John R. Levine wrote:
>> Use of A-labels within header fields supporting UTF-8 is a bad idea.
> Since DKIM is defined on RFC 5322 messages, and 5322 is ASCII-only, no
> header fields in a compliant message can contain UTF-8. I don't know
> why you keep repeating this uttetly wrong stuff, but please stop now.
While the majority of users within your borough may not care, a large
population within Asia and elsewhere do. In fact, much of their email
already violates RFC5322's ASCII-only requirements. This limitation
will change very soon. Setting DKIM on a sustainable track must deal
with this natural evolution, despite those saying please stop. You are
a good and intelligent person that deserves a great deal of respect.
>> Changing a reference of RFC3490 to RFC5890 already represents an
>> incompatible change.
> Your assertion is noted.
The desire is not to increase anyone's workload, but the reasons for
developing DKIM will become even more apparent during the introduction
of UTF-8. Unfortunately, the current DKIM specifications ignore
important aspects about where A-Labels are to exist within a protocol.
A-Labels are NOT intended for human consumption. DKIM also failed to
ensure resources are only obtained at valid A-Labels or NR-LDH defined
locations. A significant security flaw, especially when definitions of
valid A-Labels has significantly changed for the better.
More information about the ietf-dkim