Re: [Ietf-dkim] Question about lone CR / LF

John Levine <johnl@taugh.com> Thu, 01 February 2024 18:03 UTC

Date: Thu, 01 Feb 2024 13:03:40 -0500
Message-Id: <20240201180340.852B6820560B@ary.qy>
From: John Levine <johnl@taugh.com>
To: ietf-dkim@ietf.org
Cc: superuser@gmail.com
In-Reply-To: <CAL0qLwaiYddreLQjkTXXdVKBPxsF7p2Mq9jqeQrfiX95GZRrtg@mail.gmail.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/LkdD4HLUQd5gg0Ys510X9_IWgu8>
Subject: Re: [Ietf-dkim] Question about lone CR / LF

It appears that Murray S. Kucherawy  <superuser@gmail.com> said:
>On Wed, Jan 31, 2024 at 5:44 PM Steffen Nurpmeso <steffen@sdaoden.eu> wrote:
>
>> But I cannot read this from RFC 6376.
>
>Sections 2.8 and 3.4.4 don't answer this?

Not really.  They say what to do with CRLF but not with a lone CR or lone LF.

RFC5322 says:

   o  CR and LF MUST only occur together as CRLF; they MUST NOT appear
      independently in the body.

So I think the answer is that a thing with a lone CR or LF is not a
valid message so signers shouldn't sign them and validators shouldn't
validate them. If you want to allow them, OK, but no promises that
anyone at the other end will treat the brokenness the same way you
do.

We can get into some theological arguments about BINARYMIME which
allows arbitrary bytes in a MIME part but I expect that DKIM
canonicalization code will choke on other stuff in binary MIME before
it gets to a \x0a or \x0d.

R's,
John
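
An added example, not part of the original message: a Python sketch of the check discussed above, which finds lone CR / LF bytes in a body and shows that the DKIM body hash changes if a downstream hop repairs them to CRLF. It assumes "simple" body canonicalization with SHA-256 for brevity; the function names and the sample body are constructed for illustration.

```python
import base64
import hashlib
import re

# A CR not followed by LF, or an LF not preceded by CR (forbidden by RFC 5322).
BARE = re.compile(rb"\r(?!\n)|(?<!\r)\n")

# Constructed sample body: one bare LF after "Hello", one bare CR after "bye".
SAMPLE = b"Hello\nWorld\r\nbye\rend\r\n"


def find_bare_line_endings(body: bytes):
    """Return (offset, 'CR' | 'LF') for each CR or LF outside a CRLF pair."""
    return [(m.start(), "CR" if m.group() == b"\r" else "LF")
            for m in BARE.finditer(body)]


def repair_to_crlf(body: bytes) -> bytes:
    """One possible repair a relay might apply: turn every bare CR/LF into CRLF."""
    return BARE.sub(b"\r\n", body)


def simple_body_hash(body: bytes) -> str:
    """bh= value for simple body canonicalization with SHA-256.

    Trailing empty lines are ignored and the body ends in exactly one CRLF;
    an empty body canonicalizes to a single CRLF.
    """
    while body.endswith(b"\r\n"):
        body = body[:-2]
    body += b"\r\n"
    return base64.b64encode(hashlib.sha256(body).digest()).decode("ascii")


def safe_to_sign(body: bytes) -> bool:
    """Signer-side policy from the thread: refuse bodies with lone CR or LF."""
    return not find_bare_line_endings(body)


if __name__ == "__main__":
    print("bare line endings:", find_bare_line_endings(SAMPLE))
    print("safe to sign:     ", safe_to_sign(SAMPLE))
    print("bh as sent:       ", simple_body_hash(SAMPLE))
    print("bh after repair:  ", simple_body_hash(repair_to_crlf(SAMPLE)))
```

The two printed `bh` values differ, so a signature made over the body as sent fails once any hop normalizes the line endings.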