This was done in in 2006. I took up Stephan's suggestion to write an I-D
http://tools.ietf.org/html/draft-santos-dkim-strip-00
It addressed the concerns related to NOFWS and that of which is still
present with RELAXED.
Dave CROCKER wrote:
>
> On 5/16/2011 9:00 AM, John R. Levine wrote:
>> The point of relaxed canonicalization was to deal with the kind of small
>> changes that dusty copies of sendmail make, not to handle every possible
>> message mutation that more or less renders the same.
>
>
> The underlying concern here actually is pretty reasonable: Variations that do
> not affect the appearance or semantics of a message could reasonably still
> permit a signature to verify.
>
> The problem is that the working group was not able to develop a...
> workable...
> canonicalization algorithm to achieve this complete robustness. In the
> extreme,
> this is a research topic. Certainly it is a delicate engineering tasks,
> since
> too much robustness against change can easily introduce security holes.
>
> But, then, that's why the working group debate the issue so extensively and
> the
> result did gain working group consensus.
>
> Since the list of algorithms is defined to be extensible, anyone feeling that
> an
> additional algorithm is warranted is free to define it and seek community
> consensus for it.
>
> d/
>
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
