> -----Original Message-----
> From: Rolf E. Sonneveld [mailto:[email protected]]
> Sent: Tuesday, August 24, 2010 3:31 PM
> To: [email protected]
> Cc: MH Michael Hammer (5304); [email protected]
> Subject: Re: [ietf-dkim] Mailing lists and s/mime & dkim signatures - mua
> considerations
>
> Dave CROCKER wrote:
> > On 8/24/2010 11:59 AM, MH Michael Hammer (5304) wrote:
> >
> >> Then it would appear that we are substantially in violent agreement.
> >>
> >
> >
> > in spite of our best efforts.
> >
>
> may I suggest we stop here for a moment and get back to the original
> question, which in essence was: should a 1st signer DKIM signature be
> preserved 'coûte que coûte' when a message is handled by a MLM, or not.
> To answer this question I'd like to quote the excellent summary of what
> DKIM is about, posted earlier today by Wietse:
>
I am somewhat agnostic on the question of preserving DKIM signatures when a
message is handled through MLM. Intuitively I would like them preserved and I
believe that MLMs can preserve them if they are interested in doing so.
If I were running an MLM (I have done so in the past but do not currently do
so) I would certainly respect an ADSP=discardable assertion and ensure that I
handled messages accordingly (more than one way to skin a cat).
As John has pointed out on numerous occasions, it should not be demanded of
MLMs that they change their ways to accommodate anything new under the sun
(paraphrasing here) because they have been around for as long as they have and
done quite nicely thank you very much.
Darwin was right.
To the extent that ill-intentioned individuals find MLMs (and email accounts
posting through MLMs) interesting targets in the future, those MLMs that are
unfriendly to email authentication are likely to find themselves at greater
risk than those MLMs which are friendly to email authentication. There are
varying ways in which an MLM can deal with this issue. I for one wouldn't dream
of attempting to dictate to them what they must or must not do.
Receivers are not stupid and will respond to such evolving circumstances as
they may in the interests of their endusers as well as their own reputation. I
for one wouldn't dream of attempting to dictate to them what they must or must
not do.
In any event, I perceive MLMs as the tail that appears to be wagging the dog.
In the context of email authentication, there are so many much more interesting
mail streams from my perspective.
> > The DKIM signature
> > provides a simple piece of trace information ("I handled this mail")
> > that is cryptographically bound to some header and body content.
> >
> > The receiver can use this trace information for any purpose that
> > she deems suitable.
>
> I think most of us can agree with this summary of what DKIM really is,
> without all the bells and whistles we often like to attribute to it.
> Next we add a quote from Dave about what the MLM does:
>
> > An MLM creates the message. That the message might look a lot like
> > one sent /to/ it is nice, but it's also confusing. The original author
> is not,
> > ultimately, responsible for what the MLM chooses to send
>
> Again, most of us will agree with this, I assume. Now combining the two,
> and _without focussing on any hypothetical action of a verifier or
> recipient_, the conclusion must be that the MLM adds its own
> DKIM-signature, leaving the original DKIM-signature(s) untouched. After
> all, removing the original DKIM signature would mean removing a piece of
> trace information provided by the originating domain. And once it's
> gone, it's gone. Leaving the original DKIM signature untouched is in
> line with chapter 4 of RFC4871 including par. 4.2 that states:
>
> > Signers SHOULD NOT remove any DKIM-Signature header fields from
> > messages they are signing, even if they know that the signatures
> > cannot be verified.
> >
>
> I haven't found any text in the erratum of 4871 / 5672 that obsoletes
> this text. This means we can treat (regarding this particular aspect)
> MLMs like any other re-signing agent, no exceptions are required.
>
Rolf, you have sidestepped the issue of digests or do you feel this holds true
for them as well?
> And yes, this means my opinion changed, I no longer advocate the use of
> multipart/alternative to preserve the 1st signer DKIM signature, instead
> it is my opinion now that an MLM should leave it untouched (and not
> remove it). I have come to this conclusion by looking at what DKIM is,
> and carefully avoiding looking at what a verifier or recipient might
> possibly do with the information it provides.
Interesting.
>We should not change the
> essentials of DKIM for sake of MLM transparancy; the best we can do is
> document the status quo of the combination of DKIM and MLMs, its
> problems and (within the boundaries of the DKIM spec) any hints that can
> solve or mitigate those problems.
>
I absolutely agree with your last statement.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
