Re: [dane] email canonicalization for SMIMEA owner names

Ben Laurie <> Fri, 12 December 2014 11:37 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A0DA21ACD08 for <>; Fri, 12 Dec 2014 03:37:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.389
X-Spam-Status: No, score=-3.389 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, GB_I_LETTER=-2, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id jr6d_Zrw_n_2 for <>; Fri, 12 Dec 2014 03:37:15 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400d:c00::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6C5D51ACD01 for <>; Fri, 12 Dec 2014 03:37:15 -0800 (PST)
Received: by with SMTP id x12so4951487qac.32 for <>; Fri, 12 Dec 2014 03:37:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=2n59SeIee0AvnbxrwRpyrD+6XJEQp076r1qoYX+8jPs=; b=oVWfOvWOd11KGNzSLxysohqUwMOOLGnyD9sk2h2ozHh7DnZVpTPc0JncV6mZ83ou8c tsAT05XuGjoxHUgoeC2KhpVXR+dLesuGQHO5vWRQ7tk2C/wq58EmXOaXcgtvdweC9A94 iB5ezFDNxQ6LAIgbd7xYb1lA9zSGcDuwS6kl4Z0PfW+jAE7hDlITkEfhKPptabSe7peR ipf5T8XEaVgClubWN/trfU+madKdyj0zFzrSjYwyj4jSabxzNTVe2QHFVKeLO+28Kz8F 350QG1jc89jStgMk4Os6EQNcWcjVb/VipEzv9/et/pkUcia1vVqQXT1frWh04oOdQ8gZ VGEQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=2n59SeIee0AvnbxrwRpyrD+6XJEQp076r1qoYX+8jPs=; b=EaP8ntwNGAXOAfzXXZ5neuq40Gfx1ciuijOvMbzIGtfMQ9Yarhb7qPE/Vwz+C2p36c HxJZ/42NMdForrZMJdLBUYewbTBIOjYi2U0jFU3XjoQteqEhpOftp111/+iyxnPjtXuu QnARJRSG3TMBPA8SvFlxJkOZNCnwHyBdstsp9iDA0WGQMfO2avWeoOayfB5EFcU+Aoma vY0lCb8WZNajLc/VlngGLV2DMiL8Bj/RZ0jrilxOZTz7DL1OXX77cVyAxeBRctqa2o2N Mdxnj3vOtIUj3sEiKkA2+ewmaKtOIimGAnO9LPOrxOkXuuWS9G0eUafRu9aHGbJaqH46 gd6Q==
X-Gm-Message-State: ALoCoQmDEkdeVfycubXMyEV7G+DZjeOVpNZ61u7w6qhbao8y89s77mG9SypLa1Aei9yUwaKJDDAy
MIME-Version: 1.0
X-Received: by with SMTP id b7mr16495711qgf.8.1418384234478; Fri, 12 Dec 2014 03:37:14 -0800 (PST)
Received: by with HTTP; Fri, 12 Dec 2014 03:37:14 -0800 (PST)
In-Reply-To: <>
References: <>
Date: Fri, 12 Dec 2014 11:37:14 +0000
Message-ID: <>
From: Ben Laurie <>
To: "Rose, Scott W." <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: dane WG list <>
Subject: Re: [dane] email canonicalization for SMIMEA owner names
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 12 Dec 2014 11:37:18 -0000

On 11 December 2014 at 19:51, Rose, Scott W. <> wrote:
> Realized the other action item I was assigned to from the interim meeting was email canonicalization for SMIMEA.  I believe it stems from Viktor Dukhovni's email to the endymail list:
> I was wondering if we can borrow a page from RFC 4034 Section 6.2 and include text in the draft Section 3, item 1 in the numbered list:
>      1.   The user name (the "left-hand side" of the email address, called
>        the "local-part" in the mail message format definition [RFC2822]
>        and the "local part" in the specification for internationalized
>        email [RFC6530]), is hashed using the SHA2-224 [RFC5754]
>        algorithm (with the hash being represented in its hexadecimal
>        representation, to become the left-most label in the prepared
>        domain name.  This does not include the "@" character that
>        separates the left and right sides of the email address.  The
>        string that is used for the local part is a Unicode string
>        encoded in UTF-8 **with all upper case letters converted to their
>        corresponding lower case letters where appropriate.**
> The text between the '**' is new.  The goal is to prevent a situation when the email address is "" and the SMIMEA is created using "jrandom" as the user name.   Would this be enough, or are there scripts where this would result in different or potentially conflicting owner names?

Speaking of canonicalisation:

1. What about X+Y@Z - for almost all MTAs, this is the same as X@Z.

2. What about GMail's == == ==