On 5/24/2024 5:11 PM, Jon Callas wrote:
You are indeed being finicky, as well as correct. I wasn't talking
about the approved RFC, but the discussion around it.
Well, it is indeed common for people to assert this kind of semantic,
independent of the spec. The only problem with that is when someone
tries to follow the spec and doesn't conform to the unstated semantic.
It's a small matter of interoperability. Hence my finickiness.
Nonetheless, I think the essence of that discussion and my comments
are embodied in:
8.2 <https://www.rfc-editor.org/rfc/rfc6376.html#section-8.2>.
Misuse of Body Length Limits ("l=" Tag)
Use of the "l=" tag might allow display of fraudulent content without
appropriate warning to end users. The "l=" tag is intended for
increasing signature robustness when sending to mailing lists that
both modify their content and do not sign their modified messages.
And look at it -- l= is intended to increase robustness and strictness
of interpreting the message.
What's unusual about DKIM is that the crypto is used as a kind of glue,
to affix the d= name. Robustness essentially refers to a strength of
the glue. Alas, l= makes the glue weaker, rather than the originally
intended stronger (ie, survivable when transiting a mailing list.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
mast:@[email protected]
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
