Re: [ietf-dkim] [Technical Errata Reported] RFC6376 (4926)

Barry Leiba <barryleiba@computer.org> Tue, 07 February 2017 17:07 UTC

To: Murray Kucherawy <superuser@gmail.com>, Tony Hansen <tony@att.com>
Cc: DKIM Mailing List <ietf-dkim@mipassoc.org>, simon.ser@emersion.fr, Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, Dave Crocker <dcrocker@bbiw.net>

Murray, Tony, or someone else: Can you independently check that these
examples need the extra space in order to be verified correctly?

Assuming they do, this errata report should be marked "Verified", but
the type should be changed to "Editorial", not "Technical".

Barry


On Tue, Feb 7, 2017 at 10:17 AM, RFC Errata System
<rfc-editor@rfc-editor.org> wrote:
> The following errata report has been submitted for RFC6376,
> "DomainKeys Identified Mail (DKIM) Signatures".
>
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata_search.php?rfc=6376&eid=4926
>
> --------------------------------------
> Type: Technical
> Reported by: Simon Ser <simon.ser@emersion.fr>
>
> Section: A.2, A.3
>
> Original Text
> -------------
> DKIM-Signature: v=1; a=rsa-sha256; s=brisbane; d=example.com;
>      c=simple/simple; q=dns/txt; i=joe@football.example.com;
>      h=Received : From : To : Subject : Date : Message-ID;
>      bh=2jUSOH9NhtVGCQWNr9BrIAPreKQjO6Sn7XIkfJVOzv8=;
>      b=AuUoFEfDxTDkHlLXSZEpZj79LICEps6eda7W3deTVFOk4yAUoqOB
>      4nujc7YopdG5dWLSdNg6xNAZpOPr+kHxt1IrE+NahM6L/LbvaHut
>      KVdkLLkpVaVVQPzeRDI009SO2Il5Lu7rDNH6mZckBdrIx0orEtZV
>      4bmp/YzhwvcubU4=;
> Received: from client1.football.example.com  [192.0.2.1]
>      by submitserver.example.com with SUBMISSION;
>      Fri, 11 Jul 2003 21:01:54 -0700 (PDT)
> From: Joe SixPack <joe@football.example.com>
> To: Suzie Q <suzie@shopping.example.net>
> Subject: Is dinner ready?
> Date: Fri, 11 Jul 2003 21:00:37 -0700 (PDT)
> Message-ID: <20030712040037.46341.5F8J@football.example.com>
>
>
> Corrected Text
> --------------
> DKIM-Signature: v=1; a=rsa-sha256; s=brisbane; d=example.com;
>       c=simple/simple; q=dns/txt; i=joe@football.example.com;
>       h=Received : From : To : Subject : Date : Message-ID;
>       bh=2jUSOH9NhtVGCQWNr9BrIAPreKQjO6Sn7XIkfJVOzv8=;
>       b=AuUoFEfDxTDkHlLXSZEpZj79LICEps6eda7W3deTVFOk4yAUoqOB
>       4nujc7YopdG5dWLSdNg6xNAZpOPr+kHxt1IrE+NahM6L/LbvaHut
>       KVdkLLkpVaVVQPzeRDI009SO2Il5Lu7rDNH6mZckBdrIx0orEtZV
>       4bmp/YzhwvcubU4=;
> Received: from client1.football.example.com  [192.0.2.1]
>       by submitserver.example.com with SUBMISSION;
>       Fri, 11 Jul 2003 21:01:54 -0700 (PDT)
> From: Joe SixPack <joe@football.example.com>
> To: Suzie Q <suzie@shopping.example.net>
> Subject: Is dinner ready?
> Date: Fri, 11 Jul 2003 21:00:37 -0700 (PDT)
> Message-ID: <20030712040037.46341.5F8J@football.example.com>
>
> Notes
> -----
> The "simple" header canonicalization doesn't change the header fields in any way.
>
> Folded header fields are missing one space of indentation (they have 5 spaces instead of 6), which makes the verification fail. Note that the plain text version of the RFC adds a prefix of three spaces before each line of text, which must be ignored.
>
> In section A.3, the indentation is changed again (5 spaces instead of 6 + the "b=" tag has 2 additional spaces of indentation).
>
> Test cases:
> - opendkim: https://github.com/cyrusimap/opendkim/blob/ab2934e131cbe670b49f11db9daf8cd1223e3839/libopendkim/tests/t-testdata.h#L74
> - go-dkim: https://github.com/emersion/go-dkim/blob/master/verify_test.go#L9
>
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party
> can log in to change the status and edit the report, if necessary.
>
> --------------------------------------
> RFC6376 (draft-ietf-dkim-rfc4871bis-15)
> --------------------------------------
> Title               : DomainKeys Identified Mail (DKIM) Signatures
> Publication Date    : September 2011
> Author(s)           : D. Crocker, Ed., T. Hansen, Ed., M. Kucherawy, Ed.
> Category            : DRAFT STANDARD
> Source              : Domain Keys Identified Mail
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG
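
Added example, not part of the original message or the erratum: a Python sketch of why one space of fold indentation matters under "simple" header canonicalization (RFC 6376 section 3.4.1), with "relaxed" (section 3.4.2) shown for contrast, which goes beyond the erratum's own case. The helper names are assumptions, and the digest covers a single field for illustration, not the full DKIM header hash.

```python
import hashlib
import re

CRLF = "\r\n"

# Received field from the erratum's example, one list item per physical line.
RECEIVED = [
    "Received: from client1.football.example.com  [192.0.2.1]",
    "by submitserver.example.com with SUBMISSION;",
    "Fri, 11 Jul 2003 21:01:54 -0700 (PDT)",
]

def fold(lines, indent):
    """Build a folded header field; continuation lines get `indent` spaces."""
    return (CRLF + " " * indent).join(lines) + CRLF

def canon_simple(field):
    """'simple' header canonicalization: the field is hashed byte for byte."""
    return field

def canon_relaxed(field):
    """'relaxed': lowercase the name, unfold, collapse WSP runs, trim."""
    name, value = field.split(":", 1)
    value = value.replace(CRLF, "")        # unfold continuation lines
    value = re.sub(r"[ \t]+", " ", value)  # collapse runs of WSP to one SP
    return name.strip().lower() + ":" + value.strip() + CRLF

def digest(canon, field):
    """SHA-256 over one canonicalized field (illustration only)."""
    return hashlib.sha256(canon(field).encode("ascii")).hexdigest()

def digests_match(canon):
    """Compare the 5-space (as printed) and 6-space (corrected) folding."""
    return digest(canon, fold(RECEIVED, 5)) == digest(canon, fold(RECEIVED, 6))

if __name__ == "__main__":
    print("simple  digests match:", digests_match(canon_simple))
    print("relaxed digests match:", digests_match(canon_relaxed))
```
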