IETF Logo Mail Archive

Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?

Steffen Nurpmeso <steffen@sdaoden.eu> Mon, 05 February 2024 21:39 UTC

Return-Path: <steffen@sdaoden.eu>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08FE4C14F6B9 for <ietf-dkim@ietfa.amsl.com>; Mon, 5 Feb 2024 13:39:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fwa_w0LED5Zb for <ietf-dkim@ietfa.amsl.com>; Mon, 5 Feb 2024 13:39:22 -0800 (PST)
Received: from sdaoden.eu (sdaoden.eu [217.144.132.164]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E825C14F5E8 for <ietf-dkim@ietf.org>; Mon, 5 Feb 2024 13:39:20 -0800 (PST)
Date: Mon, 05 Feb 2024 22:38:02 +0100
Author: Steffen Nurpmeso <steffen@sdaoden.eu>
From: Steffen Nurpmeso <steffen@sdaoden.eu>
To: Dave Crocker <dhc@dcrocker.net>
Cc: ietf-dkim@ietf.org
Message-ID: <20240205213802.sUVlYW5-@steffen%sdaoden.eu>
In-Reply-To: <20240205212412.Kq4PkTNC@steffen%sdaoden.eu>
References: <20240119192026.DEDFF810437D@ary.qy> <20240120000053.FrDLzS4U@steffen%sdaoden.eu> <3f72e0c3-d245-16f7-57b2-831bfa53efbd@taugh.com> <4F161749-91D6-4E2D-AF70-89C5F172B971@isdg.net> <64f0cfd3-9d86-4d5e-b213-d0e53972c65a@tana.it> <af70d974-b2cb-4ac3-af9f-f0461238ebbb@isdg.net> <0cb52576-67af-4248-9866-5d2e2ef1adfd@tana.it> <8EA4F7EB-CBAF-4CBA-AD3B-03ECC8B05172@isdg.net> <012291f4-5098-4e6b-b9b9-a7e1fd681138@tana.it> <e59bbaa2-945c-4ed8-85b4-3a79ebc8bfbd@dcrocker.net> <20240205212412.Kq4PkTNC@steffen%sdaoden.eu>
Mail-Followup-To: Dave Crocker <dhc@dcrocker.net>, ietf-dkim@ietf.org
User-Agent: s-nail v14.9.24-596-g7894190075
OpenPGP: id=EE19E1C1F2F7054F8D3954D8308964B51883A0DD; url=https://ftp.sdaoden.eu/steffen.asc; preference=signencrypt
BlahBlahBlah: Any stupid boy can crush a beetle. But all the professors in the world can make no bugs.
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/FkucSFcQYom62gdZkcIkARi7nVk>
Subject: Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Feb 2024 21:39:27 -0000

Steffen Nurpmeso wrote in
 <20240205212412.Kq4PkTNC@steffen%sdaoden.eu>:
 |Dave Crocker wrote in
 | <e59bbaa2-945c-4ed8-85b4-3a79ebc8bfbd@dcrocker.net>:
 ||On 2/5/2024 9:43 AM, Alessandro Vesely wrote:
 ||> It is debatable whether it is useful to display authentication 
 ||> information to the end user.  Personally, I like to see it. 
 ||
 ||At scale, there is no debate among UX professionals.  Its presence 
 ||varies between useless and confusing, for typical users.
 |
 |I *totally* disagree.
 |It is also a matter of education.
 |See in Germany (and Europe) we now have traffic lights on packaged
 |food, from red over yellow to green (in i think 6 steps), so
 |people will learn not to eat chips, sugarized cereals, and
 |chocolade.

P.S.:

For years i have, for the old BSD Mail fork i maintain, in
unreleased code (as the according MIME part is defunct and needs
a rewrite; ditto decryption, though that more obvious in the bad
case)

  +         n_str_add_cp(&ti, (mpp->m_content_info & CI_SIGNED_OK
  +            ? _("Signed data (good signature)")
  +            : (mpp->m_content_info & CI_SIGNED_BAD
  +               ? _("Signed data (signature unverified)")
  +               : _("Signed data"))));

Over eight years, to be exact.  Too much talking, too less work.
The mutt(1) client also does this, quite heavily even.

In fact, quite the opposite, it seems that the graphical people
try the trivialmost beautifulmost surface without a content, like
those mostly young women who can be seen on the sidewalk of
certain streets, really.  But i have no experience with that.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

v2.23.0 | Report a Bug | By Email