[EAI] Re: "7. Upgrading downgraded header"



Kari Hurtta wrote:

>>> | o  If each mail header has [RFC2047] encoded part and which encoding
>>> |      is "UTF-8", it may be a downgraded header, so decode it.

>>> That algorithm does not necessarily produce the original result.

>> What differences can arise? I can see that folding may get changed,
>> and whitespace may get mucked about, but is there anything else?

>> Changes of folding should be acceptable (and will even lead to correct
>> DKIM signature interpretation if the 'relaxed' canonicalization is
>> used).
 
> Also a header field is not necessarily a downgraded header field.

In other words any valid 2321 or 2047 =?UTF-8...?= encoded word could
be encoded in the original message/utf-8 (before downgrading).  Then
"upgrading" it would replace the encoded word by native UTF-8.  And
that could cause havoc for header signatures.  But we know this, the
issue has to be noted somewhere (maybe as "security consideration").

After that folks living behind a downgrade + upgrade setup have to
deal with the potential side-effects, it's anyway a shaky setup.

Frank
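
Added example, not part of the original message: a Python sketch of the effect discussed in this thread, where refolding survives DKIM 'relaxed' header canonicalization but "upgrading" an encoded word that the sender wrote changes the signed bytes. The function names and the sample Subject field are constructed for this example, and a SHA-256 digest over one canonicalized field stands in for the full DKIM header hash.

```python
import base64
import hashlib
import quopri
import re

# RFC 2047 encoded word: =?charset?encoding?text?=
ENCODED_WORD = re.compile(r"=\?([^?\s]+)\?([bBqQ])\?([^?\s]*)\?=")

def relaxed_header(field: str) -> bytes:
    """'relaxed' header canonicalization of one field (RFC 6376, 3.4.2)."""
    name, _, value = field.partition(":")
    value = re.sub(r"\r\n(?=[ \t])", "", value)              # unfold
    value = re.sub(r"[ \t]+", " ", value).strip(" \t\r\n")   # collapse, trim WSP
    return (name.strip().lower() + ":" + value + "\r\n").encode("utf-8")

def upgrade(field: str) -> str:
    """Decode every encoded word whose charset is UTF-8 (the quoted rule)."""
    def decode(m):
        charset, enc, text = m.group(1), m.group(2).lower(), m.group(3)
        if charset.lower() != "utf-8":
            return m.group(0)                  # other charsets are left alone
        if enc == "b":
            raw = base64.b64decode(text)
        else:                                  # "Q" encoding; "_" means space
            raw = quopri.decodestring(text.encode("ascii"), header=True)
        return raw.decode("utf-8")
    return ENCODED_WORD.sub(decode, field)

def signature_input_matches(signed: str, received: str) -> bool:
    """Compare digests of the canonicalized field as signed and as received."""
    def digest(field):
        return hashlib.sha256(relaxed_header(field)).digest()
    return digest(signed) == digest(received)

# Constructed sample: the sender wrote the encoded word; nothing was downgraded.
SIGNED = "Subject: =?UTF-8?Q?Caf=C3=A9?= opening\r\n hours\r\n"
# Same field after a relay changed folding and whitespace only.
REFOLDED = "Subject:  =?UTF-8?Q?Caf=C3=A9?=\r\n\topening hours\r\n"
# Same field after the upgrade heuristic replaced the encoded word.
UPGRADED = upgrade(SIGNED)

if __name__ == "__main__":
    print("refolded still matches:", signature_input_matches(SIGNED, REFOLDED))
    print("upgraded still matches:", signature_input_matches(SIGNED, UPGRADED))
    print("canonical upgraded field:", relaxed_header(UPGRADED))
```
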
