----- Original Message ----- From: "Mark Delany" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, July 25, 2006 1:37 AM Subject: Re: [ietf-dkim] Eat all CR/LF - STRIP Canonicalization Method
> Right. But a bad guy can modify the original content and it will still > verify with STRIP. I missed this subtle point. The only thing that could be modified by El Malo, are CR/LF characters. Nothing else can be modified without destroying the signature. We lose nothing from a STRIP method, as long as the original BODY hash is added to the scheme to help detect original body integrity changes of any kind. What is gained in increase survivability of the signature hashing, something we don't have now with any degree of confidence. Look, I can't help but think if it was anyone else making this suggestion, you wouldn't be able to kept up with this thread. What a shame, it is more important to push out a faulty spec than to fix the problem to make DKIM more robust and acceptable. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
