Re: [Ietf-dkim] Question about lone CR / LF

John R Levine <johnl@taugh.com> Fri, 02 February 2024 15:01 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/yiWj3Tjkt2KGD9S7XB6Mw3miaKI>

> I agree that by the time you're talking to a DKIM (or any) filter, I expect
> that this has been handled somehow.  CRLF ends a line, anything before that
> is part of the line, and WSP is just a space or a tab.  Past that, garbage
> in, garbage out.

Yup, which is why I'd prefer to take out the garbage.

As I'm sure you know, on Unix-ish systems the internal line separator is 
LF, so MTAs add the CR on the way out and remove it on the way in.  DKIM 
routines operate on the internal form so they have code to add a CR before 
each LF when making hashes.  So if a message shows up with bare LFs, those 
DKIM verifiers will treat it as though those were CR LF.  But if a message 
came from some other system, say Windows, that uses CR LF internally, it 
won't have added the CRs and the hashes won't match.

It seems to me that a signature that may or may not verify depending on 
internal warts of the verifier is worse than no signature at all.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
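
The divergence described in the message above, as an added example that is not part of the original post: the same wire body containing one bare LF is hashed by two modelled verifiers, one with LF as its internal line separator and one with CR LF. The function names, the two verifier models and the sample bodies are assumptions constructed for illustration, and only the relaxed body hash (bh=) is computed, not the full signature check.

```python
import base64
import hashlib
import re


def relaxed_body(body: bytes) -> bytes:
    """RFC 6376 section 3.4.4 relaxed body canonicalization; only CRLF ends a line."""
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":  # drop empty lines at the end of the body
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)


def body_hash(body: bytes) -> str:
    """Value a signer or verifier would compute for the bh= tag (rsa-sha256)."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()


def lf_internal_view(wire: bytes) -> bytes:
    """Modelled Unix-ish verifier: MTA strips CR on the way in, DKIM code re-adds it."""
    internal = wire.replace(b"\r\n", b"\n")   # CRLF -> LF when the message is stored
    return internal.replace(b"\n", b"\r\n")   # CR added before every LF for hashing


def crlf_internal_view(wire: bytes) -> bytes:
    """Modelled CRLF-native verifier: bytes are hashed as received, no CRs added."""
    return wire


def verify_both(signed_bh: str, wire: bytes) -> dict:
    """Compare the signer's body hash with what each modelled verifier computes."""
    return {
        "lf_internal": body_hash(lf_internal_view(wire)) == signed_bh,
        "crlf_internal": body_hash(crlf_internal_view(wire)) == signed_bh,
    }


# Constructed sample: the signer hashed clean CRLF lines, but the message
# arrives with the first line break reduced to a bare LF.
SIGNED_BODY = b"Dear user,\r\nplease see the attached invoice.\r\n"
WIRE_BODY = b"Dear user,\nplease see the attached invoice.\r\n"

if __name__ == "__main__":
    print("clean body:  ", verify_both(body_hash(SIGNED_BODY), SIGNED_BODY))
    print("bare LF body:", verify_both(body_hash(SIGNED_BODY), WIRE_BODY))
```

A receiving system that rejects or normalizes bare LF before any DKIM code sees the message removes this dependence on the verifier's internal line format.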