Re: [yam] Russ Housley's Discuss on draft-ietf-yam-rfc4409bis-02: (with DISCUSS)

Wed, 24 Aug 2011 07:53:12 -0700 


On 8/24/2011 7:06 AM, Russ Housley wrote:

SM:

Thanks for facilitating this discussion.

As Dave well knows, the presence of an invalid signature is different than no
signature at all.

>
> The technical community keeps telling implementors that
> they are not really different, but folks that writ code seem to think
> otherwise.  The proposed text does not say anything about the signature
> validity,


Russ,


As you well know, there are many, very different reasons a signature can be 
invalid.  As you also might know, the DKIM specification therefore declares the 
semantics of an invalid signature to be the same as having no signature present.



Within the formal 4 walls of DKIM, that means that the the presence of an 
invalid signature is /not/ different than no signature at all.



The fact that various receivers might choose to distinguish between the two 
conditions is well and good, but it also is outside the four walls of formal DKIM.



Pragmatics often prompt going beyond a formal specification.  That does not make 
either the specification or the pragmatics "wrong".  Each has its own purpose 
and constraints.(*)




 At a minimum, i[t] should say "...of a valid signature."


I assume you mean that you are requesting the proposed text to be revised to be:

  "Message modification can affect the validity of an existing message
   signature, such as by DKIM [DKIM], PGP [RFC4880], and can render the
   signature invalid.  This, in turn, can affect message handling by later
   receivers, such as filtering engines that consider the presence or absence
   of a [valid] signature."


Given your own view about the distinction, I'd have thought you would prefer the 
original wording.  While adding "valid" does change the meaning slightly, I 
don't see it as a problem.


d/



(*) Receivers choosing to make a distinction between an absent DKIM signature 
and a present, invalid one currently represents an intuition rather than a 
certainty.  That's a good basis for experimentation, but a very poor basis for 
language in a formal standards specification...


--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
_______________________________________________
yam mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/yam






















					Reply via email to