[ietf-dkim] 8bit downgrades
hsantos at isdg.net
Thu May 19 12:30:17 PDT 2011
Murray S. Kucherawy wrote:
> Can anyone remember why there's a SHOULD for the downgrade to 7-bit
> in RFC4871 Section 5.3, rather than a MUST? The likelihood of
> breakage is so high when sending 8-bit data that DKIM almost
> becomes pointless without the upgrade.
> Not advocating for this to be changed in -bis (yet), but someone's
> asking me for the history behind that decision.
The top two:
1) DKIM signed mail is not an email requirement. A MUST would be too
2) There is a natural expectation for passthru non-tampering.
3) If high cost changes are required to satisfy this downgrade, it is
cheaper not to sign mail at all.
4) The MSA who is DKIM-AWARE might do the translation in preparation
for the DKIM signing component, but this again one of those "narrow"
things that you expect adaptation or a fix to occur.
The two top sentences are prevailing:
1st paragraph, last sentence:
Such conversion is outside the scope of DKIM; the actual
message SHOULD be converted to 7-bit MIME by an MUA or MSA
prior to presentation to the DKIM
More generally, the signer MUST sign the message as it is
expected to be received by the verifier rather than in
some local or internal form.
That first paragraph is closer to a GateWay issue which is out of
scope in DKIM.
You're touching base with boundary layer INPUT requirements argument
Murry, I suggest to avoid this. You can't enforce this with a MUST
and if you do, you will find systems taking the easy, no cost path of
not signing mail
Hector Santos, CTO
More information about the ietf-dkim