Re: [dane] email canonicalization for SMIMEA owner names

Fri, 12 Dec 2014 09:03:02 -0800 

On 12/12/2014 16:28, Ben Laurie wrote:

On 12 December 2014 at 15:56, Alexey Melnikov <[email protected]> wrote:

On 12/12/2014 15:38, Paul Wouters wrote:

Whoever starts using variant email addresses should publish records for
it? As John said, clients shouldn't start guessing addressing schemes used
by others

+1. Nobody other than the final MTA/MDA knows that certain forms are
equivalent.

True, but does not make your scheme workable.
Only publish canonical form or variants that were used for sending emails out? 
Sent from my iPhone


On Dec 12, 2014, at 06:37, Ben Laurie <[email protected]> wrote:


On 11 December 2014 at 19:51, Rose, Scott W. <[email protected]>
wrote:
Realized the other action item I was assigned to from the interim
meeting was email canonicalization for SMIMEA.  I believe it stems from
Viktor Dukhovni's email to the endymail list:
http://www.ietf.org/mail-archive/web/endymail/current/msg00134.html

I was wondering if we can borrow a page from RFC 4034 Section 6.2 and
include text in the draft Section 3, item 1 in the numbered list:

      1.   The user name (the "left-hand side" of the email address,
called
        the "local-part" in the mail message format definition [RFC2822]
        and the "local part" in the specification for internationalized
        email [RFC6530]), is hashed using the SHA2-224 [RFC5754]
        algorithm (with the hash being represented in its hexadecimal
        representation, to become the left-most label in the prepared
        domain name.  This does not include the "@" character that
        separates the left and right sides of the email address.  The
        string that is used for the local part is a Unicode string
        encoded in UTF-8 **with all upper case letters converted to their
        corresponding lower case letters where appropriate.**


The text between the '**' is new.  The goal is to prevent a situation
when the email address is "[email protected]" and the SMIMEA is created
using "jrandom" as the user name.   Would this be enough, or are there
scripts where this would result in different or potentially conflicting
owner names?

Speaking of canonicalisation:

1. What about X+Y@Z - for almost all MTAs, this is the same as X@Z.

2. What about GMail's [email protected] == [email protected] ==
[email protected] == [email protected]?




_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane

Reply via email to