Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?
Dave Crocker <dhc@dcrocker.net> Mon, 05 February 2024 21:46 UTC
Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEEDDC14F60A for <ietf-dkim@ietfa.amsl.com>; Mon, 5 Feb 2024 13:46:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dcrocker.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ghJhSq-n4lkk for <ietf-dkim@ietfa.amsl.com>; Mon, 5 Feb 2024 13:46:13 -0800 (PST)
Received: from poodle.tulip.relay.mailchannels.net (poodle.tulip.relay.mailchannels.net [23.83.218.249]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10194C14F604 for <ietf-dkim@ietf.org>; Mon, 5 Feb 2024 13:46:12 -0800 (PST)
X-Sender-Id: hostingeremail|x-authuser|dhc@dcrocker.net
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id EEFE8542181 for <ietf-dkim@ietf.org>; Mon, 5 Feb 2024 21:46:11 +0000 (UTC)
Received: from uk-fast-smtpout4.hostinger.io (unknown [127.0.0.6]) (Authenticated sender: hostingeremail) by relay.mailchannels.net (Postfix) with ESMTPA id 49DFE542124 for <ietf-dkim@ietf.org>; Mon, 5 Feb 2024 21:46:11 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1707169571; a=rsa-sha256; cv=none; b=omLfE91pwPHp0iLRaDolqAoRYr8K2YXVV3MwSwHDElQHWctwqHUsY55q0m1hS5ASQjAu2y QuBybhCul5JxdXv3GnJLTDuV1VQ7toQoIsBaqEvz+4AmXtYjNCv2aMzZ7QKr+OghbxK5iB X/CnMRIxoo8sIQQxjS107w1vFnCrAlrYD4CbKK+fqlhOmypohKO9vsuO4PHSU92mMcfmha EKCwe6XdElQYMyKce8Sk8V+OkgUe4RXdgA1vH0O27h/p+CRTJATiIx8dH40/Pk6zLGs8pt TNWFI/SRrR5/I5PVLDonsqXfndJrYfisO2+wx7fHBrWQ9cthG32kdEFmMNGUgQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1707169571; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=zBlV73ijtlqubsKiNtXy9KO9Aokidd6n+CCWa9BKjUw=; b=AbzGhDRxs7iytmQsKnQM5DYaHMHF5MNn8AS3CNVRlIAgVCir4Y3gw9xmhUNvb/hANSxsSr LXPYtCkZnqN73v5lLmbD/kfYvUHLfmvaOzD8E0AXu0ArvfXCvpRLs7qY2uNnkc5qKne7av Xy/Hq0m7Td2JhPv8p1ecXByrgPaFifwUwibT/zfyNm7Q2x/ChVLhfX12mBWiEogXcD86rh ZKri5BrqcAFHivJJxNf3rSg/hp3vlK0j/xrP3SbFv7Wvq9DhtgRn8LZyj8TALb5Xsjuhx+ qaB4eNCmA1KYmYjE+2iG7hfgm8cDQVFIlQDx35VPn7lPSwGh6pDt5h09SopJBw==
ARC-Authentication-Results: i=1; rspamd-55b4bfd7cb-vxhn5; auth=pass smtp.auth=hostingeremail smtp.mailfrom=dhc@dcrocker.net
X-Sender-Id: hostingeremail|x-authuser|dhc@dcrocker.net
X-MC-Relay: Neutral
X-MailChannels-SenderId: hostingeremail|x-authuser|dhc@dcrocker.net
X-MailChannels-Auth-Id: hostingeremail
X-Continue-Descriptive: 6c5ab96d5b4966cd_1707169571827_14037318
X-MC-Loop-Signature: 1707169571827:2299903609
X-MC-Ingress-Time: 1707169571826
Received: from uk-fast-smtpout4.hostinger.io (uk-fast-smtpout4.hostinger.io [31.220.23.38]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.109.86.237 (trex/6.9.2); Mon, 05 Feb 2024 21:46:11 +0000
Content-Type: multipart/alternative; boundary="------------MCSXPvxcboAJaDCYHEqithfm"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dcrocker.net; s=hostingermail-a; t=1707169569; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references; bh=zBlV73ijtlqubsKiNtXy9KO9Aokidd6n+CCWa9BKjUw=; b=Y+JGGoctj26dK3VEw/Z99wlztnXpRxnpzSFlksXmFNEnsNQ1n8VAwvG4DdG4BPCEKChUT4 HRzruOAGjTnHijVdwO/yrrMyX998Gc221qssrJ9kULN58mjxjdqXFCviNRWQnUQCp6XAFF 57c0zg7wY8HNvgiV9iRg3Qs1VaQ9s+R0ZWdLfzFJriKrz/hpo/1VVJ3GNDTMEcrA2G6ozs j4CIqXkOfcCTIL9p8W+TzdhjIL0QhuzSjY44lBsv2snmR1pn5CNetNRAaDDlZEwZDoH3gq 42G3xFY0OY7nqmb7D0SHN12BznEv4Rw8Lu74SIeGfykipP2038H9yk8x9yUjXQ==
Message-ID: <1c0a74ed-9366-4e11-9604-eab211a17046@dcrocker.net>
Date: Mon, 05 Feb 2024 13:46:07 -0800
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Reply-To: dcrocker@bbiw.net
Content-Language: en-US
To: ietf-dkim@ietf.org
References: <20240119192026.DEDFF810437D@ary.qy> <20240120000053.FrDLzS4U@steffen%sdaoden.eu> <3f72e0c3-d245-16f7-57b2-831bfa53efbd@taugh.com> <4F161749-91D6-4E2D-AF70-89C5F172B971@isdg.net> <64f0cfd3-9d86-4d5e-b213-d0e53972c65a@tana.it> <af70d974-b2cb-4ac3-af9f-f0461238ebbb@isdg.net> <0cb52576-67af-4248-9866-5d2e2ef1adfd@tana.it> <8EA4F7EB-CBAF-4CBA-AD3B-03ECC8B05172@isdg.net> <012291f4-5098-4e6b-b9b9-a7e1fd681138@tana.it> <e59bbaa2-945c-4ed8-85b4-3a79ebc8bfbd@dcrocker.net> <20240205212412.Kq4PkTNC@steffen%sdaoden.eu>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
In-Reply-To: <20240205212412.Kq4PkTNC@steffen%sdaoden.eu>
X-CM-Envelope: MS4xfHlIYZZegGxt6Bv0AbgTmY3BCcH9mrnuD+N4VoWqtu/QRAEI5Y7L0HErFNyQuwPHl2nwFto0wAYBobsw+qBNOrpyLGlD0SRDZxSdBk5dJU2rgsmAVpi4 EC0+XSF09eQIyTN0ggn9ljAr0i9/gRIeKuN4Bzvo8g6B/APj4/0v2ddwqi+/J9ZpyqiCQyUqM+924A==
X-CM-Analysis: v=2.4 cv=RsPDLjmK c=1 sm=1 tr=0 ts=65c15721 a=f+oD5hTMMv8HtluUlp4ziA==:117 a=f+oD5hTMMv8HtluUlp4ziA==:17 a=-8J-CVF0aq-YtkYw:21 a=r77TgQKjGQsHNAKrUKIA:9 a=k7Ga1wGzAAAA:8 a=wQeSGMR2-9u6tXeGG0EA:9 a=3ZKOabzyN94A:10 a=QEXdDO2ut3YA:10 a=ZXulRonScM0A:10 a=rVyjR2-SAAAA:8 a=G1y-sKfZxMQN9ntdS4cA:9 a=JsWxlVeOG549oLzD:21 a=_W_S_7VecoQA:10 a=lqcHg5cX4UMA:10 a=ijMaxGghyylP-n2pFjDB:22 a=76KbetxDF-qy942G8qU_:22
X-AuthUser: dhc@dcrocker.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/SvAbKBRDgPng_jhPce9LUVDirQY>
Subject: Re: [Ietf-dkim] Headers that should not be automatically oversigned in a DKIM signature?
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Feb 2024 21:46:18 -0000
On 2/5/2024 1:24 PM, Steffen Nurpmeso wrote: > I*totally* disagree. > It is also a matter of education. Yeah. No. The standard example is the failure of the URL lock symbol. But given your certitude, please provide refereed research about persistent behavioral change from email header security-related information. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net mast:@dcrocker@mastodon.social
- [Ietf-dkim] Headers that should not be automatica… Mike Hillyer
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Mike Hillyer
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… John Levine
- Re: [Ietf-dkim] Headers that should not be automa… Evan Burke
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Al Iverson
- Re: [Ietf-dkim] Headers that should not be automa… Alessandro Vesely
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Evan Burke
- Re: [Ietf-dkim] Headers that should not be automa… John Levine
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Emanuel Schorsch
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… John R Levine
- Re: [Ietf-dkim] Headers that should not be automa… Hector Santos
- Re: [Ietf-dkim] Headers that should not be automa… Murray S. Kucherawy
- Re: [Ietf-dkim] Headers that should not be automa… Alessandro Vesely
- Re: [Ietf-dkim] Headers that should not be automa… Hector Santos
- Re: [Ietf-dkim] Headers that should not be automa… Alessandro Vesely
- Re: [Ietf-dkim] Headers that should not be automa… Hector Santos
- Re: [Ietf-dkim] Headers that should not be automa… Alessandro Vesely
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Jim Fenton
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Jim Fenton
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Dave Crocker
- Re: [Ietf-dkim] Security indicators, not Headers … John Levine
- Re: [Ietf-dkim] Headers that should not be automa… John Levine
- Re: [Ietf-dkim] Headers that should not be automa… Hector Santos
- Re: [Ietf-dkim] Security indicators, not Headers … Hector Santos
- Re: [Ietf-dkim] Security indicators, not Headers … Dave Crocker
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso
- Re: [Ietf-dkim] Headers that should not be automa… Murray S. Kucherawy
- Re: [Ietf-dkim] Headers that should not be automa… Steffen Nurpmeso