On 12/12/2014 11:37, Ben Laurie wrote:
On 11 December 2014 at 19:51, Rose, Scott W. <[email protected]> wrote:
Realized the other action item I was assigned to from the interim meeting was
email canonicalization for SMIMEA. I believe it stems from Viktor Dukhovni's
email to the endymail list:
http://www.ietf.org/mail-archive/web/endymail/current/msg00134.html
I was wondering if we can borrow a page from RFC 4034 Section 6.2 and include
text in the draft Section 3, item 1 in the numbered list:
1. The user name (the "left-hand side" of the email address, called
the "local-part" in the mail message format definition [RFC2822]
and the "local part" in the specification for internationalized
email [RFC6530]), is hashed using the SHA2-224 [RFC5754]
algorithm (with the hash being represented in its hexadecimal
representation, to become the left-most label in the prepared
domain name. This does not include the "@" character that
separates the left and right sides of the email address. The
string that is used for the local part is a Unicode string
encoded in UTF-8 **with all upper case letters converted to their
corresponding lower case letters where appropriate.**
The text between the '**' is new. The goal is to prevent a situation when the email address is
"[email protected]" and the SMIMEA is created using "jrandom" as the user
name. Would this be enough, or are there scripts where this would result in different or
potentially conflicting owner names?
Speaking of canonicalisation:
1. What about X+Y@Z - for almost all MTAs, this is the same as X@Z.
This is a bit misleading: MSA or intermediate MTAs can't know that these
are the same (unless MSA is also the final MTA).
2. What about GMail's [email protected] == [email protected] ==
[email protected] == [email protected]?
As above.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
