>> An alternative would be to err on the other side: a "mellowed" >> canonicalization, that respects only the fields and entities whose >> meaning and encoding is well known and stable, so as to allow some >> kind of forgeries rather than accidental breaking. >> > > The main question here is: how often are DKIM signatures invalidated > during transit, what is the exact cause (case- or similar > modifications of header fields?) and how much do we gain by defining a > new canonicalization algorithm? Do we have any real-world figures > about this 'accidental breaking'? How many DKIM signatures on average > survive two MTA hops? How many three hops? Etc.? Is there a > relationship? And if they get broken, is that due to changing case of > header fields or due to other changes? And if the number of broken > signatures caused by transit systems (apart from the mailing list > issues, which bring their own problems) is non-negligeable, is there > anything that we can do to improve things? Rolf,
With most mailing-lists, nearly all signatures will be damaged whenever the subject line is modified, or something has been appended to the message body. Any strategy that attempts DKIM settings to permit such modification exposes recipients relying on DKIM to be taken in by simple exploits. Such exploits might be used either enable convincing spamming or phishing schemes, which weakens the value DKIM otherwise would have afforded. A safer strategy would be to permit DKIM domains a means to grant exceptions en-mass for mailing lists known good at excluding spamming and phishing, with hopefully subject lines and mailfrom or reply-to lines being changed to it clear the message was distributed by the mailing-list. Efforts at making such distribution transparent only invites abuse. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
