[ietf-dkim] 8bit downgrades
Michael Thomas
mike at mtcc.com
Thu May 19 16:09:04 PDT 2011
On 05/19/2011 02:53 PM, Pete Resnick wrote:
> In this case, the spec says that you MUST downgrade prior to signing
> *unless you know that the end-to-end path is 8-bit clean and will not
> downgrade later*. That's what SHOULD downgrade means. If there is an
> implementation that doesn't downgrade and sends a message without
> knowing that the path is end-to-end 8-bit clean, then it is in
> violation of the spec. Changing it to MUST doesn't change anything for
> such an implementation; it is already in full violation.
This is all a rather academic argument, but it doesn't really seem quite
right. We send things that get forwarded through all kinds of manglers,
8bit manglers just being one variety. In the abstract, you can never know
as a signer that a path is "clean"... it can always be forwarded. So by your
argument it should be a MUST since you can never know. But that creates
the silly-state of DKIM wagging the 8bit SMTP tail, which is a wrong
outcome.
In reality, I haven't ever seen a failure that was attributable to 8bit
mangling, and I've probably seen sample sizes as big or bigger than
Murray's. Maybe it's happened, but it seems extremely rare.
Mike
More information about the ietf-dkim
mailing list