On Sun 17/Nov/2024 23:19:47 +0100 Bron Gondwana wrote:
> And if a message is bad then it's possible to derive where the badness was
> introduced - something not possible with DKIM or ARC if a message has been
> modified. I have a draft for a method at:
> https://datatracker.ietf.org/doc/draft-gondwana-dkim2-modification-alegbra/

My main doubt is how a signing filter would retrieve what the original message
was, in order to compose the differences. Perhaps the mailing list software
can attach the original message to the modified message, with the convention
that the filter will remove the attachment before signing? Let me compare this
task with the process of composing Arc-Authentication-Results:. It seems that no
implementation (except mine) succeeded in retrieving the original A-R field and
transferring it in the seal. Everybody puts a new ARC set at every hop. So there
seems to be a hidden difficulty in saving some data from the original message.

An alternative would be to not allow /any/ modification, but only a restricted
set of standardized modifications that an MLM knows, so that it can configure
its signing filter accordingly. That was the approach taken by a previous attempt:
https://datatracker.ietf.org/doc/draft-kucherawy-dkim-transform/

I implemented it, just without the header fields that declared what
transformation was made, since no one puts them in the header. One difficulty
which arose was some mailing lists transforming the message body into base64.
I dealt with that in a totally heuristic manner. However, I note that your
algebra doesn't consider that case.

My take, in case you're curious about what other approaches have been tried:
https://datatracker.ietf.org/doc/html/draft-vesely-dmarc-mlm-transform

I can validate my own posts when they come back from mailing lists. Sometimes
I can validate other people's posts too.

Best
Ale
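
Added example (not part of the original message and not the poster's implementation): a Python sketch of the base64 case mentioned above, showing that re-encoding the body changes the DKIM body hash (bh=, relaxed canonicalization per RFC 6376) and that decoding it again can recover the signed hash. The helper names `mlm_reencode` and `recover_bh` and the sample body are constructed for illustration.

```python
import base64
import hashlib
import re

def relaxed_body(body: bytes) -> bytes:
    """RFC 6376 section 3.4.4 'relaxed' body canonicalization."""
    lines = body.split(b"\r\n")
    # Collapse runs of WSP to one SP and drop WSP at end of line.
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    # Ignore all empty lines at the end of the body.
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)

def body_hash(body: bytes) -> str:
    """Value of the bh= tag for an rsa-sha256 / relaxed-body signature."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def mlm_reencode(body: bytes) -> bytes:
    """Constructed stand-in for a list that rewrites the body as base64."""
    return base64.encodebytes(body).replace(b"\n", b"\r\n")

def recover_bh(signed_bh: str, body: bytes, cte: str):
    """Say how the received body matches signed_bh, or return None.

    Heuristic: only undoes a base64 Content-Transfer-Encoding. A list that
    also changed charset, line endings or content is not recovered.
    """
    if body_hash(body) == signed_bh:
        return "as-is"
    if cte.strip().lower() == "base64":
        try:
            decoded = base64.b64decode(body)  # CRLFs are skipped
        except ValueError:                    # includes binascii.Error
            return None
        if body_hash(decoded) == signed_bh:
            return "base64-decoded"
    return None

if __name__ == "__main__":
    original = b"Hi  all,\r\n\r\nSee the draft. \r\n\r\n"   # constructed sample
    bh = body_hash(original)
    received = mlm_reencode(original)
    print("bh at signer:      ", bh)
    print("bh after re-encode:", body_hash(received))
    print("recovery:          ", recover_bh(bh, received, "base64"))
```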