Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Alessandro Vesely <vesely@tana.it> Sat, 03 February 2024 13:24 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/6cy7WkiSt0EXaNSV4fg7wmOpz-U>

On Fri 02/Feb/2024 14:34:22 +0100 Hector Santos wrote:
> Of course, the MUA is another issue.  What read order should be expected for 
> Oversign headers?  Each MUA can be different although I would think streamed in 
> data are naturally read sequentially and the first display headers found are 
> used in the UI.


Yeah, which is the opposite of the DKIM-specified order.


>  Only To: is allowed to be a list.


RFC 5322 specifies lists for From:, To:, Cc:, Bcc:, Reply-To:, Resent-From:, 
Resent-To:, Resent-Cc: and Resent-Bcc:.


Best
Ale
--
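
The read-order mismatch discussed in the message above, as an added example that is not part of the original post: it models only which header instances RFC 6376 section 5.4.2 selects for the header hash (bottom-up) versus what a top-down reader displays, with no canonicalization or signature math. The sample messages, addresses and function names are constructed for illustration.

```python
# Added example: header-instance selection only; no canonicalization, hashing or signature math.

def parse_headers(raw):
    """Return [(lowercased name, value)] in wire order (top first), unfolding continuation lines."""
    fields = []
    for line in raw.strip().splitlines():
        if line[:1] in (" ", "\t") and fields:
            fields[-1][1] += " " + line.strip()
        elif ":" in line:
            name, value = line.split(":", 1)
            fields.append([name.strip().lower(), value.strip()])
    return [tuple(f) for f in fields]

def hash_input(fields, h_tag):
    """Instances fed to the header hash per RFC 6376 section 5.4.2, in h= order.

    Each h= entry consumes the bottom-most not-yet-used instance of that name;
    an entry with no instance left is a null string and contributes nothing.
    """
    unused = {}
    for idx, (name, _) in enumerate(fields):
        unused.setdefault(name, []).append(idx)
    selected = []
    for name in (n.strip().lower() for n in h_tag.split(":")):
        if unused.get(name):
            selected.append("%s:%s" % (name, fields[unused[name].pop()][1]))
    return selected

def displayed(fields, name):
    """First instance from the top, as a reader consuming the stream sequentially would use."""
    return next((v for n, v in fields if n == name), None)

# Constructed sample message (header section only).
ORIGINAL = parse_headers("""
From: Alice <alice@example.org>
To: list@example.org
Subject: hello
""")
# Same message with a second From: placed above the signed one after signing.
MODIFIED = [("from", "Someone Else <other@example.net>")] + ORIGINAL

if __name__ == "__main__":
    for h in ("from:to:subject", "from:from:to:subject"):
        unchanged = hash_input(ORIGINAL, h) == hash_input(MODIFIED, h)
        print("h=%-22s hash input unchanged: %-5s displayed From: %s"
              % (h, unchanged, displayed(MODIFIED, "from")))
```

With From listed once in h=, the hash input is identical for both messages while the displayed From differs; listing it twice (oversigning) makes the added instance change the hash input, so verification would fail.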