Michael Thomas wrote in <[email protected]>: |On 1/27/25 12:38 PM, Brotman, Alex wrote: |> Sorry, support for which arguments? I'm not trying to be obtuse, \ |> just trying to see if we can point you toward the information you seek. | |Papers, reports, really anything from mailbox providers and/or filter |providers that detail how DKIM is being used in production. As one of |the original designers, it's been pretty frustrating to not know how |it's being used and what difference it actually makes. Any revamp would |benefit from everybody here knowing whether and how it's making a |difference, and what its deficiencies are. And more to the point: why |it's deficient. I've seen a lot of assertions on that front which are |actually not true. | |About the only thing I've managed to find is: | |https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-hu\ |.pdf | |but it's just a couple of researchers who aren't attached to any mailbox |provider as far as I know.
Are you talking about l=? But l= does not survive just any modification, even invisible ones that do not change content like reencodings etc. And these are unfortunately performed by many mailing-list software(s) (configurations, due to local policy). So with l= i cannot verify your DKIM signature dependent upon how your email client sends the message; for example, the OpenGroup one notoriously transforms to 8-bit, so l= .. only by sheer luck. Also mail filters (milters) see the entire body as one continuous data stream (maybe in pieces due to size restrictions, but other than that) without structure. This means that a message that was turned to MIME, or which' MIME layout was changed, does no longer verify with l= because of the changes in the outer MIME structure; for that l= would have to cover "some sliding text window" for example, but that would imply milters would need to actually understand the content of data, which they normally do not. (Ie, they would have to apply MIME parsing.) In my easy-to-say-as-a-late-one opinion this never really worked, even twenty years ago? And while i speak, i find quite some things from DKIM very suspicious, and i would not know how it was meant at first. But regardless of all that i say everybody has to bite the bullet, throw over board what one got used to, and think that cow that was micky mouse, in David Bowie's terms, new. Email must become easy again, and all those many standards in use are not really of such. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) | |In Fall and Winter, feel "The Dropbear Bard"s pint(er). | |The banded bear |without a care, |Banged on himself for e'er and e'er | |Farewell, dear collar bear _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
