[Ietf-dkim] Re: PROPOSAL: reopen this working group and work on DKIM2

Thu, 21 Nov 2024 01:50:15 -0800 

On Wed 20/Nov/2024 03:09:19 +0100 Steven M Jones wrote:

On 11/20/24 06:43, Murray S. Kucherawy wrote:

On Mon, Nov 18, 2024 at 9:11 AM Dave Crocker <d...@dcrocker.net> wrote:

On 11/6/2024 6:54 PM, Wei Chuang wrote:

    "message algebra



This topic has been a point of fascination for some years.  It is, 
indeed, attractive. >>>

It is also a research topic, absent a body of experience showing it
works on essentially all email traffic. >>>
That's not meant to argue against it, but rather to place the construct
in an area of unknown reliability, efficacy and usability, so that there
is effort to move to a place of engineering knowns.



Indeed, I remain puzzled by the number of times the idea has been dismissed 
as unworkable in contrast to the excitement it appears to be generating today.



That said, it's my assumption that this renewed effort will include a 
significant period of running something like this at scale with appropriate 
interoperability testing to verify its efficacy before sending it to the 
Standards Track, much as we did with DKIM itself.



I called out this recurrence in my response to one of Bron's separate threads, 
and it is part of why I want to see this project - with so much enthusiasm and 
so many engineering resources promised - explore the topic thoroughly.



Where between 50 and 100% will the percentage of expressible message 
alterations fall, and according to whose corpus? Will we have a great enough 
diversity of contributors to make sure we aren't missing important use cases?



Just the project of cataloging common message alterations seems like a very 
useful exercise. (Not because I can't draw up a list, but because I want to see 
the ones I would miss that other people have observed.)




If the intent of DKIM2 is to preserve message authenticity and semantics, 
rather than recording /any/ change it should concentrate at delimiting the 
allowed changes.  For example, an 80 chars subject-tag would completely hide 
the original subject.  Ditto for extra long HTML insertions.  Not to mention 
malicious changes, such as different bank account number.



If DKIM2 can forbid conversions to base64, it can as well impose safe limits to 
message changes.  Most mailing lists are already self-imposing such limits.



Best
Ale
--





_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org






















					Reply via email to