[Mailman-Developers] Thinking about list footers
Murray S. Kucherawy
superuser at gmail.com
Tue Jun 3 00:43:31 CEST 2014
On Sat, May 31, 2014 at 4:30 AM, Stephen J. Turnbull <stephen at xemacs.org>
wrote:
> Also, the last time partial signatures came up, it was pointed out
> that there are *no* MUAs that differentiate between signed parts and
> unsigned parts. You don't get a warning when your eyes move from a
> signed part to an unsigned part or vice-versa the way you do when
> following a link from an HTTP URL to an HTTPS URL in a browser. The
> DKIM advocates have not liked the idea of signatures that don't apply
> to the whole message at all.
>
All true, but that's mostly specific to MUAs. There's nothing saying a
filter of some kind could do something special with appended content when
it senses a message that's bigger than what was signed. The library in
OpenDKIM does make it easy to spot these, for example, and can tell you
stuff like which header fields were added or modified and in what way, or
how much of the content was signed and how much wasn't.
We didn't intend for this to be used by MUAs, however, so to some degree
they're doing what we expected.
The reason I asked is that there's a proposal for a DKIM canonicalization
that could survive modifications if the modifications are entirely in new
MIME parts. Thus, if an MLM altered the message strictly by adding parts,
the added parts could be easily isolated by this method, and the remainder
verified against an author signature that should still validate (modulo
Subject field changes). So you'd have a DKIM signature from the author
domain that validates on the original author content (the final content
minus the added part), and a DKIM signature from the list domain that
validates on the modified content. I'm trying to figure out if that would
be useful at all, but it sounds like MUAs are the showstopper there.
-MSK
More information about the Mailman-Developers
mailing list