Re: [Ietf-dkim] Question about lone CR / LF
Dave Crocker <dhc@dcrocker.net> Sat, 03 February 2024 13:40 UTC
Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D43A5C15108D for <ietf-dkim@ietfa.amsl.com>; Sat, 3 Feb 2024 05:40:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.103
X-Spam-Level:
X-Spam-Status: No, score=-2.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dcrocker.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qtKRwhXJfWWO for <ietf-dkim@ietfa.amsl.com>; Sat, 3 Feb 2024 05:39:57 -0800 (PST)
Received: from cyan.elm.relay.mailchannels.net (cyan.elm.relay.mailchannels.net [23.83.212.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1138CC1CAF34 for <ietf-dkim@ietf.org>; Sat, 3 Feb 2024 05:39:56 -0800 (PST)
X-Sender-Id: hostingeremail|x-authuser|dhc@dcrocker.net
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id E2591363DC7 for <ietf-dkim@ietf.org>; Sat, 3 Feb 2024 13:39:55 +0000 (UTC)
Received: from uk-fast-smtpout4.hostinger.io (unknown [127.0.0.6]) (Authenticated sender: hostingeremail) by relay.mailchannels.net (Postfix) with ESMTPA id 0BD5F363F0C for <ietf-dkim@ietf.org>; Sat, 3 Feb 2024 13:39:54 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706967595; a=rsa-sha256; cv=none; b=FxtltwprnU8AbMyCNQVw5iGnEGtcochMej5Ewyct9egIWPQXb6XOfYIrpV5+VqJtwl0jWK FTLAYbIAHvpseKikF4fwvcZ4PjgWJOWuM/I3uPDbuXXo6atXmI6YI5LHjSnsm6hzUxDuM6 PEr970n8UU9RwMiFR1xOV6svGIvmesQ6w7VBw7545Cdg/ZVgfeAAMC9yjs2of779zgwLG/ cDbDhlyblFw3C33RiTliSDH6GbEA2cDgYrYHZrAif/jQbn3nUZ1L1dl4KC7FGdPuo/s8Hg +l9U8cdoLXOkNmZMgAe8M4frN1dpHioYrudjI9TFQD6J6z0l9k339BZ07BLeJA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706967595; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=Lla/eT8Psu2Xt1lSHGPtJuFs+j7m2MbSPJgWOzURDaY=; b=kOhsOzQzogPcxkaObpl+NeGqnHLMFaDVxDs98dfMAULxLKGDuDTsaHQHqMIU9uSSi2FANN zYH7WWgjl8ZDfDr9fQVDthvDHO78lPaaBv2fUcjaRKgjM3vGJyDOl966xVg/7r0XJB8Yei AMN/fEwDJoJGenoqDWc1bvmUtTIjc1RozpD+yi302ezJpfgfjFdMemm/41VpPT+Z+7obLJ avPH9wBQQ5WGo4f6Odeh8FdB9fGlPXLRubxvmmf7C0OHfizbzWFem6TrpdbLCWmc4cfrr7 kRw2EOf5yc0BGDfCVP7DyKQfQoTQByEp/xnrZSJr9yhfIHICoxc3HnjveodJtQ==
ARC-Authentication-Results: i=1; rspamd-55b4bfd7cb-qggvv; auth=pass smtp.auth=hostingeremail smtp.mailfrom=dhc@dcrocker.net
X-Sender-Id: hostingeremail|x-authuser|dhc@dcrocker.net
X-MC-Relay: Neutral
X-MailChannels-SenderId: hostingeremail|x-authuser|dhc@dcrocker.net
X-MailChannels-Auth-Id: hostingeremail
X-Whispering-Obese: 1587e46308b1aaed_1706967595738_2710910453
X-MC-Loop-Signature: 1706967595737:3148405238
X-MC-Ingress-Time: 1706967595737
Received: from uk-fast-smtpout4.hostinger.io (uk-fast-smtpout4.hostinger.io [31.220.23.38]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.102.32.103 (trex/6.9.2); Sat, 03 Feb 2024 13:39:55 +0000
Content-Type: multipart/alternative; boundary="------------4UlH9W5ugosJTd0YUL51dwtF"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dcrocker.net; s=hostingermail-a; t=1706967592; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references; bh=Lla/eT8Psu2Xt1lSHGPtJuFs+j7m2MbSPJgWOzURDaY=; b=CXFU7tVgTjjmvGRsfkTmyRslrMzfPFSvSCYq9xWevLh6G6FxyJXRFG0AGzCxrj1KEcqGfl gHBz5UvvG+GPlyCZ1ojRtuyUXkMvis/wohGHbkpAVs6K8R1k89/GoiqcLx9w1DFXtMW5fo yfZGijMBTphOfyipI54Ar1XfGVRaLmhbb0lR1Kn0/+7TLaZsfPMaDmmz1NBsTQKQmPYMzW 8pMRBhugvXLxpe/m3pORKEU3y0ZfQVgFUpTCkBRGmi+nYTkf2I81RnkEJ5G0oG1Fp3vvdp 9J8aLOqgu+lUKg4uGqCuU4Ed+zwpYPhbUonOpM8Up1mZjJNSd0snmUx3YSD2Eg==
Message-ID: <f9c11d1a-7799-4946-b95e-7c9c682d60ba@dcrocker.net>
Date: Sat, 03 Feb 2024 05:39:51 -0800
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: John Levine <johnl@taugh.com>
References: <20240202043446.AAF26820F0AD@ary.qy>
Content-Language: en-US
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
Cc: ietf-dkim@ietf.org
Reply-To: dcrocker@bbiw.net
In-Reply-To: <20240202043446.AAF26820F0AD@ary.qy>
X-CM-Analysis: v=2.4 cv=RsPDLjmK c=1 sm=1 tr=0 ts=65be4228 a=f+oD5hTMMv8HtluUlp4ziA==:117 a=f+oD5hTMMv8HtluUlp4ziA==:17 a=r77TgQKjGQsHNAKrUKIA:9 a=k7Ga1wGzAAAA:8 a=mPY55APdGD1gCgxbZ4cA:9 a=3ZKOabzyN94A:10 a=QEXdDO2ut3YA:10 a=0skROM1ysBOsnNXvLmAA:9 a=psSeKZfm_wbK9oaS:21 a=_W_S_7VecoQA:10 a=lqcHg5cX4UMA:10 a=ijMaxGghyylP-n2pFjDB:22
X-CM-Envelope: MS4xfD4ukjw1oPuBs8tHsjF64OUmMEndCdTPflKYcb+s/QU1x3zUX1mV2+GuCfzo//+GsolokaxnQvYb1lDLh0IF8zUnrqBA9jG5r0S8XIYlXU5VMsEKHKfp 1EXbaEoZjjamVbYS8mLs2PyPBtbmnocl182ilaCLCU4XVTAYvZIrfCbJcdkzEB7sX1j9Yyof6o6u7NREP1/rF9AjBOlNSsaywNc=
X-AuthUser: dhc@dcrocker.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/Y1IhT650X-ELGtzJl0cesO5Yae4>
Subject: Re: [Ietf-dkim] Question about lone CR / LF
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Feb 2024 13:40:01 -0000
On 2/1/2024 8:34 PM, John Levine wrote: > I can see that you have strong opinions about what a DKIM verifier > should do with those non-5322 blobs, but I don't see what the basis > for that is, and for that matter, I don't really understand what you > expect code to do with them. Why is "stop and report failure" any > less valid than anything else? I thought I supplied the key point in my response to Jon: > A 5322 processor gets to decide what is a valid message. That's not > DKIM's job. And DKIM has no inherent reason to care about CR or LF on > their own, as distinct from any other character on its own. You moved things to the concept of layering, which wasn't quite the concern I was raising, but is probably reasonable as an encompassing construct. You claimed DKIM has never conformed to layering and I asked you to explain. I explained why there is no obvious basis for your assessment, especially since the example you gave appears to have nothing to do with layering, given that what you cited is something entirely internal to DKIM. I didn't see a clarification from you, about this. But since these foundational points aren't sufficient for you, I'll elaborate, although having to discuss the benefits of design and coding discipline is a bit surprising. It made sense 40 or 50 years ago, when software engineering was an emerging discipline, but I'd thought the industry was a bit more mature than that by now. Having a DKIM module check for one aspect of RFC5322 conformance -- raises a need to make it a full RFC5322 compliance engine. If it doesn't, then the attention to compliance is a random walk through whatever concerns are fashionable at the moment. That is, is sprinkles stray bits of compliance code in a place that won't be -- and shouldn't be -- expected to have it. As maintenance nightmares go, over the long term, this is a pretty classic example. As things related to RFC5322 change over time, and personnel changes remove specialized knowledge, it will not be obvious to check whether this module needs changing. When a DKIM module is invoked, it should be invoked with necessary input validation checking already done. If it hasn't been, then there are larger system problems that stray bits of code in the DKIM module won't fix. d/ ps. Yes, I do have strong feelings about thoughtful design discipline. It usually produces cleaner, simpler, clearer results. -- Dave Crocker Brandenburg InternetWorking bbiw.net mast:@dcrocker@mastodon.social
- [Ietf-dkim] Question about lone CR / LF Steffen Nurpmeso
- Re: [Ietf-dkim] Question about lone CR / LF Murray S. Kucherawy
- Re: [Ietf-dkim] Question about lone CR / LF Steffen Nurpmeso
- Re: [Ietf-dkim] Question about lone CR / LF John Levine
- Re: [Ietf-dkim] Question about lone CR / LF Jon Callas
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Steffen Nurpmeso
- Re: [Ietf-dkim] Question about lone CR / LF John R Levine
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF John R Levine
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF John Levine
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Murray S. Kucherawy
- Re: [Ietf-dkim] Question about lone CR / LF John R Levine
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF John R Levine
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Murray S. Kucherawy
- Re: [Ietf-dkim] Question about lone CR / LF John R Levine
- Re: [Ietf-dkim] Question about lone CR / LF Steffen Nurpmeso
- Re: [Ietf-dkim] Question about lone CR / LF John Levine
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Murray S. Kucherawy
- Re: [Ietf-dkim] Question about lone CR / LF John R Levine
- Re: [Ietf-dkim] Question about lone CR / LF Steffen Nurpmeso
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Hector Santos
- Re: [Ietf-dkim] Question about lone CR / LF Murray S. Kucherawy
- Re: [Ietf-dkim] Question about lone CR / LF Dave Crocker
- Re: [Ietf-dkim] Question about lone CR / LF Hector Santos
- Re: [Ietf-dkim] Question about lone CR / LF Steffen Nurpmeso
- Re: [Ietf-dkim] Question about lone CR / LF Steffen Nurpmeso