Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specification for DomainKeys]
William Leibzon <william@completewhois.com> Thu, 20 May 2004 04:12 UTC
Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA11324 for <asrg-archive@odin.ietf.org>; Thu, 20 May 2004 00:12:36 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQetU-00080j-U8 for asrg-archive@odin.ietf.org; Thu, 20 May 2004 00:10:57 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i4K4Aud9030788 for asrg-archive@odin.ietf.org; Thu, 20 May 2004 00:10:56 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQekH-0005Yf-EC for asrg-web-archive@optimus.ietf.org; Thu, 20 May 2004 00:01:25 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA10878 for <asrg-web-archive@ietf.org>; Thu, 20 May 2004 00:01:22 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BQekF-0000wx-4W for asrg-web-archive@ietf.org; Thu, 20 May 2004 00:01:23 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BQejT-0000o5-00 for asrg-web-archive@ietf.org; Thu, 20 May 2004 00:00:36 -0400
Received: from optimus.ietf.org ([132.151.1.19]) by ietf-mx with esmtp (Exim 4.12) id 1BQeiQ-0000ek-00 for asrg-web-archive@ietf.org; Wed, 19 May 2004 23:59:30 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQed8-0003w5-69; Wed, 19 May 2004 23:54:02 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQeOz-0000k8-53 for asrg@optimus.ietf.org; Wed, 19 May 2004 23:39:25 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA10285 for <asrg@ietf.org>; Wed, 19 May 2004 23:39:22 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BQeOx-0005mU-3P for asrg@ietf.org; Wed, 19 May 2004 23:39:23 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BQeNz-0005eX-00 for asrg@ietf.org; Wed, 19 May 2004 23:38:24 -0400
Received: from cwhois1.completewhois.com ([216.151.192.222] helo=mail.completewhois.com) by ietf-mx with esmtp (Exim 4.12) id 1BQeNd-0005VQ-00 for asrg@ietf.org; Wed, 19 May 2004 23:38:02 -0400
Received: by mail.completewhois.com (Postfix, from userid 500) id 6CA0418A1C; Wed, 19 May 2004 20:44:38 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.completewhois.com (Postfix) with ESMTP id 65BED4C06B for <asrg@ietf.org>; Wed, 19 May 2004 20:44:38 -0700 (PDT)
From: William Leibzon <william@completewhois.com>
To: asrg@ietf.org
Subject: Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specification for DomainKeys]
In-Reply-To: <20040519230529.23514.qmail@xuxa.iecc.com>
Message-ID: <Pine.LNX.4.44.0405191929140.3770-100000@cwhois1.completewhois.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
Date: Wed, 19 May 2004 20:44:38 -0700
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.60
On 19 May 2004, John Levine wrote: > >Big problem I have with it is that yahoo domain keys breaks with email > >forwarders, mail lists and roaming users (and they fully acknoledge that > >it does not work with them and say there is no good work-around). That > >makes it no-go as far as I concerned for initial deployment unless > >changes are made. > > Are you sure you read the same DK document as the rest of us? http://antispam.yahoo.com/domainkeys/draft-delany-domainkeys-base-00.txt > Forwarding works fine if it doesn't mess with the message other than > prepending headers. That is simplest forwarder and yes, it does work there. Many forwarders do lot more then that unfortunetly, reseting Sender, adding some "X-..." headers, etc. Note also that I usually the word "forwarder" to mean just any mail relaying server, including mail list server. > Roaming users work fine if they sign in the MUA. Yes, if roaming user has private key. But since multiple private keys are allowed, I'll accept that roaming user problem is not an issue with this proposal. > Mailing lists are an issue but there are some ideas to deal with that. To me its the biggest issue of all. Mail lists are EXTREMELY popular and almost all mail list sofware modifies headers (sometimes changes "From" and "To" and supposed to reset Sender and add List- headers). As such deployment would mean that those using domain keys would not be able to use mail lists until their software is somewhow modified to deal with domain keys (which might take quite some time). On Wed, 19 May 2004, Mark Baugher wrote: > You're assuming that there's no way to fix the break. Actually no, I'm not. But knowing what domain keys would be about before time and as such that these problems would exist, I was just hoping to see specs that have dealt with these issues better. Perhaps I was too hopefull and a bit unhappy that I had to read 30 pages and main details could fit in 2 and did not solve some important problems and that yet again proposal reused TXT record instead of propoing exact details on new dns record to store public keys (which would be really really usefull). Going back to maillist problem and similar, in my opinion, the way solve these problems (when modification of email headers by intermediate MTA would cause domain-keys verification to fail) is to have multiple signatures for different parts of the email, with first one being signature for content of the email (or even for each MIME part) and then separate signature(s) for email headers with signature line that also includes info on exactly which headers it is for, then when new headers are added, they can be ignored when trying to verify this hash/signature. --- William Leibzon _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] [Fwd: Yahoo! Mail Publishes Specification … Yakov Shafranovich
- [Asrg] 6 - Yahoo Domain Keys Chris
- Re: [Asrg] 6 - Yahoo Domain Keys Seth Breidbart
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys John Levine
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… John Levine
- [Asrg] Re: 6 - Yahoo Domain Keys Philip Miller
- Re: [Asrg] 6 - Yahoo Domain Keys Alan DeKok
- Re: [Asrg] 6 - Yahoo Domain Keys George Ou
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Mark Baugher
- Re: [Asrg] 6 - Yahoo Domain Keys Matt Sergeant
- Re: [Asrg] Re: 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys Seth Breidbart
- Re: [Asrg] Re: 6 - Yahoo Domain Keys der Mouse
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… William Leibzon
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] Re: 6 - Yahoo Domain Keys William Leibzon
- Re: [Asrg] 6 - Yahoo Domain Keys George Ou
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Matthew Elvey
- RE: [Asrg] 6 - Yahoo Domain Keys Chris
- RE: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Chris
- blacklisting throwaway domains, was Re: [Asrg] Re… Tony Finch
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… John Capo
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Yakov Shafranovich
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Yakov Shafranovich
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Matthew Elvey
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Yakov Shafranovich
- RE: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… William Leibzon
- RE: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Chris