IETF Logo Mail Archive

Re: [Ietf-dkim] Question about lone CR / LF

John R Levine <johnl@taugh.com> Sat, 03 February 2024 21:54 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7EF7C14F615 for <ietf-dkim@ietfa.amsl.com>; Sat, 3 Feb 2024 13:54:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="jabSUeEW"; dkim=pass (2048-bit key) header.d=taugh.com header.b="eeLi/6jC"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y9ZbVwUelHk9 for <ietf-dkim@ietfa.amsl.com>; Sat, 3 Feb 2024 13:54:07 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6D2FC14F5F8 for <ietf-dkim@ietf.org>; Sat, 3 Feb 2024 13:54:06 -0800 (PST)
Received: (qmail 65264 invoked from network); 3 Feb 2024 21:54:05 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=feee65beb5fd.k2402; bh=liopsP04PsU3gMoUBVgwyEMqEsPM513a8QRObesioIA=; b=jabSUeEWsJQY3IM2MWN2SXF2vXajEs9VsCJue/FyyBvzYG3Lb1DfSqDndx3/+2SgEuwHSizVjhTHJq6ocI9rUeqPygIcq5dmWAVUoliTJZDtA/VjLIklKUk72TW7mt+TT7yzOXQOFr8xRuKU720h49Dk8R89Znzh/eazcIv8guVUAh6hruddUoH0KUay+xTUVbJLhZplrl0fZzJxHlF4RvoC7Dg7EoYE/3RrUBwA790Sb8Sqz95oC/2vHb2lHHSURoyrEQgPvtM/bqyhOpB2nMTdFm3FTkPgI64U3a+dRh1qnBTIN51R3ERe2Td9o67ZmAYxnlOorfxtwM1HkVvzpg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=feee65beb5fd.k2402; bh=liopsP04PsU3gMoUBVgwyEMqEsPM513a8QRObesioIA=; b=eeLi/6jChqIb24QWdLMSsoi5TtlU/KiAc5zCMAovro/SpSCBQ48qAAvKdGuODtL0CHFGjXOeqERyd3PJaC6j0HlRzvocqAsiikWc0HpCBT+cyO7CoK1BQiY81lW3C57W5r4d0ceop9pRIku3Hkvwsmd9WkPncdeoO/eAmJSU4sIsB9RRR5ExWBkYpHkLiZO9OA3oX4wrc2qU2s0TxnW728svV3N9TIRQBKMN5vdooDaM+QzkaB4ejx5yNlLQpd2K5Ymy3OpkncjJf7U+LgRXdH7FlUQAWyImRgJzIe/KbJoBWc3ESYWxv+aa5zOpE7Xo0HAfNlp4Plz7iyayZzNsRQ==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA CHACHA20-POLY1305 AEAD) via TCP6; 03 Feb 2024 21:54:04 -0000
Received: by ary.qy (Postfix, from userid 501) id 4584B822B786; Sat, 3 Feb 2024 16:54:04 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 0A6F3822B768; Sat, 3 Feb 2024 16:54:04 -0500 (EST)
Date: Sat, 03 Feb 2024 16:54:03 -0500
Message-ID: <7ef08541-e3cf-d356-cba9-85a92a5df9a6@taugh.com>
From: John R Levine <johnl@taugh.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: ietf-dkim@ietf.org
X-X-Sender: johnl@ary.qy
In-Reply-To: <CAL0qLwZyXV11ZeULceA5sQbStky4ashJgBVmr_=8vaKZkykSiQ@mail.gmail.com>
References: <20240202043446.AAF26820F0AD@ary.qy> <f9c11d1a-7799-4946-b95e-7c9c682d60ba@dcrocker.net> <CAL0qLwZyXV11ZeULceA5sQbStky4ashJgBVmr_=8vaKZkykSiQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/b-v6TvqUEh9NiGnqTvp_WzgM5mo>
Subject: Re: [Ietf-dkim] Question about lone CR / LF
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Feb 2024 21:54:11 -0000

> But on review, it seems like I've tiptoed over that line from
> time to time in support of robustness in some form or another. ...

It occurs to me that Dave and I have different views of how software is 
put together.  His sounds like the waterfall model that was popular when 
he and I were undergraduates.  You design the whole thing, you decide what 
modules do what, then you code the modules.  So if module A is supposed to 
do something, there's no reason for module B to worry about it because A 
should already have handled it.

My view is more pragmatic.  People assemble programs from pieces and the 
pieces have bugs.  So to the extent practical, you defend against things 
like bad input.  It happens that bare CR and LF are really easy to check 
for in DKIM since as I noted before there's already a state machine that 
is looking at the current character and knows if the previous character 
was a CR.  So it might as well recognize and reject that particular bit of 
bad input, particularly since whatever result it would otherwise produce 
isn't likely to be useful.

> Maybe this illustrates the difference between pure software engineering and
> applied software engineering?

Yup.

R's,
John

PS:

> It also optionally does LF to CRLF translation.  I'm fairly certain this is
> to accommodate local/human SMTP injections since humans can't be expected
> to type CRLFs when entering manual tests from a shell. ...

Unix MTAs strip out the CR in CRLF, often on the way in, so by the time 
opendkim sees the message, the line endings are just LF.

v2.23.0 | Report a Bug | By Email