Re: [ietf-dkim] versions of RFC822 mail messages, Where is the formal definition of DKIM-Signature?

Michael Thomas <mike@mtcc.com> Sat, 10 February 2018 18:14 UTC

Return-Path: <ietf-dkim-bounces@mipassoc.org>
X-Original-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Delivered-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9172412895E for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Sat, 10 Feb 2018 10:14:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.099
X-Spam-Level:
X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DMN3NP5AU8We for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Sat, 10 Feb 2018 10:13:58 -0800 (PST)
Received: from simon.songbird.com (simon.songbird.com [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C756B12426E for <ietf-dkim-archive@ietf.org>; Sat, 10 Feb 2018 10:13:58 -0800 (PST)
Received: from simon.songbird.com (simon.songbird.com [127.0.0.1]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id w1AIDKeg013518; Sat, 10 Feb 2018 10:13:21 -0800
Authentication-Results: simon.songbird.com; dkim=none reason="no signature"; dkim-adsp=fail (unprotected policy); dkim-atps=neutral
Received: from takifugu.mtcc.com (mtcc.com [50.0.18.224]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id w1AIDHah013513 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT) for <ietf-dkim@mipassoc.org>; Sat, 10 Feb 2018 10:13:18 -0800
Received: from takifugu.mtcc.com (takifugu.mtcc.com [50.0.18.224]) (authenticated bits=0) by takifugu.mtcc.com (8.15.2/8.14.7) with ESMTPSA id w1AICJwB010569 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <ietf-dkim@mipassoc.org>; Sat, 10 Feb 2018 10:12:19 -0800
To: ietf-dkim@mipassoc.org
References: <20180210155011.3735B1A7DD64@ary.qy> <47dd136e-e122-9bd2-8cf1-7a712770d930@bbiw.net> <alpine.OSX.2.21.1802101244340.58081@ary.qy> <151740cf-796e-16eb-2ef5-ca296b5d4af0@bbiw.net>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <84d515c0-7c76-232d-464f-3215db00d14d@mtcc.com>
Date: Sat, 10 Feb 2018 10:12:19 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.0
MIME-Version: 1.0
In-Reply-To: <151740cf-796e-16eb-2ef5-ca296b5d4af0@bbiw.net>
Subject: Re: [ietf-dkim] versions of RFC822 mail messages, Where is the formal definition of DKIM-Signature?
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim/>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Content-Transfer-Encoding: base64
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Errors-To: ietf-dkim-bounces@mipassoc.org
Sender: "ietf-dkim" <ietf-dkim-bounces@mipassoc.org>

On 02/10/2018 10:04 AM, Dave Crocker wrote:
> On 2/10/2018 9:47 AM, John R Levine wrote:
>> Well, OK, other than DKIM-Improved-Signature how would you do 
>> conditional signatures, where the signature has to fail if the 
>> semantics of the re-sign tag aren't satisified?  Remember that the 
>> current rule is that verifiers ignore tags they don't understand.
>
> The current point of departure into DKIM is by the header field name. 
> So I'm not sure why 'other than' is being queried, since it's the 
> natural, existing point for going to a different protocol.
>
> Different protocol?  Yes.  Current DKIM does not require support for 
> unrecognized tags, beyond the initial set.  You want to require 
> support for additional tags.  That's a fundamental change; so it isn't 
> 'DKIM'. It's something different.

DKIM-Signature-v2: vs DKIM-Signature: v=2;

Angels, meet the pinhead.

Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html