[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Asrg] E-mail Postmarks

To: "Daniel Feenberg" <feenberg at nber.org>
Subject: RE: [Asrg] E-mail Postmarks
From: "Jon Kyme" <jrk at merseymail.com>
Date: Fri, 04 Jun 2004 14:25:26 +0100
Cc: ASRG <asrg at ietf.org>
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-bounces at ietf.org

> 
> However, why is this a show stopper? Presumably if the operator of an MTA
> wishes to participate, he will get MTA software that doesn't mangle the
> message. He has to upgrade his MTA to sign the mail anyway. On the
> recipient side, some users will see that all signed mail tests bad, and
> will quickly learn to ignore the warning, as they have with so many other
> warnings. 
> 


You're right of course, the "end" MTA will sign and verify just fine (or
not), I'm guessing that Bob would see the problem as being with
*intermediate* MTA, but I'd say if they're mutilating the body, the sig
*should* break. Theres nothing magic about S-MIME that stops a bad relay
from breaking it. Imagine JRK-stupid-MTA which replaces "multipart" with
"mintypork" throughout.


> Furthermore, is there some reason the signature couldn't be calculated
> ignoring received headers,white space, and header order which seem to be
> the sources of most of the problems? 
> 

Absolutely, canonicalisation is the key, whether this is done in S-MIME or
something less elaborate.



> Daniel Feenberg
> 
> 
> > > -----Original Message-----
> > > From: asrg-bounces at ietf.org [mailto:asrg-bounces at ietf.org] On Behalf
> > Of Jon
> > > Kyme
> > > Sent: Thursday, June 03, 2004 7:13 AM
> > > To: ASRG
> > > Subject: Re: [Asrg] E-mail Postmarks
> > > 
> > > Bob Atkinson:> Specifically, in this divergence there seem to be
> those
> > who
> > > would like
> > > > to digitally sign the literal entire bytes of (a suffix of) an
> > RFC2822
> > > > message body, and those (myself included) who quite strongly
> believe
> > > > that such an approach is so fragile so as to ultimately be of quite
> > > > little value.
> > > >
> > > 
> > > Do you have any figures for what proportion of messages have their
> > bodies
> > > mutilated passing through SMTP relays? Or is *some*, however few, too
> > many
> > > for you?
> > 
> > _______________________________________________
> > Asrg mailing list
> > Asrg at ietf.org
> > https://www1.ietf.org/mailman/listinfo/asrg
> > 
> > 
> 
> 
> 
> 







_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Prev by Date: RE: [Asrg] E-mail Postmarks
Next by Date: Re: [Asrg] E-mail Postmarks]
Previous by thread: RE: [Asrg] E-mail Postmarks
Next by thread: RE: [Asrg] E-mail Postmarks
Index(es):
- Date
- Thread