IETF Logo Mail Archive

Re: [openpgp] Put Signature in an Email's Header

Andrew Gallagher <andrewg@andrewg.com> Tue, 08 August 2023 10:40 UTC

Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89A10C1516E0 for <openpgp@ietfa.amsl.com>; Tue, 8 Aug 2023 03:40:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GotvFnetjnXr for <openpgp@ietfa.amsl.com>; Tue, 8 Aug 2023 03:40:33 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [IPv6:2a01:4f9:c011:23ad::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8521C15155A for <openpgp@ietf.org>; Tue, 8 Aug 2023 03:40:32 -0700 (PDT)
Received: from smtpclient.apple (unknown [IPv6:fc93:5820:7349:eda2:99a7::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by fum.andrewg.com (Postfix) with ESMTPSA id 34E745F4AD; Tue, 8 Aug 2023 10:40:30 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1691491230; bh=LUSKM/s2F88tdxYD0XCVxm4eASVHRY4Mx37RWy0/X18=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=Pv6Id18v3KbwKqXjfIHfivdOs/Z4V1413xOG6eE6a756NJS3AmtRLlStxNwx5BHWi N1F2MPM895AP2WSGXQdruFbzxzXzk1UnfyDSMYnPF6WU5O+d9RENyniiR0yk7FpEnC NhVTs+BxE14LGSxwmYKw0jpkczH5Sg/Vrs6BsqVI7ZghF+se14GmCSpamgrOu5ex4A p1TVgg/cluP/fQ/LCSe0HEZ03VZRJ9CgxZ0rBcZoEV8bS9KHv6WWd0l4urgjFmA4DU Hv03zetaCqvcw2Dw6/IN6bvynDXh7eVFFc3f477VfI3VP7dqfd8F4vRD22HvOX/HnA WCtLGW+0fJyfA==
Content-Type: multipart/signed; boundary="Apple-Mail=_FA251C43-854A-402F-92B2-1EF7D3D22797"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
From: Andrew Gallagher <andrewg@andrewg.com>
In-Reply-To: <8d42f591-3aec-43c8-b476-abdafdb85dd7@metacode.biz>
Date: Tue, 08 Aug 2023 11:40:10 +0100
Cc: Werner Koch <wk@gnupg.org>, IETF OpenPGP WG <openpgp@ietf.org>, Kai Engert <kaie@kuix.de>
Message-Id: <E6B2A53A-D5AE-4267-9224-FC01DFA3C404@andrewg.com>
References: <48be3fcf-cdce-9ef4-655b-63b6dddf9310@kuix.de> <20201211095836.5218a72e@computer> <cd02d2db-0671-dfc0-dab3-dc793a2c1605@metacode.biz> <878sa4y7hy.wl-neal@walfield.org> <4dbaf770-2b2e-47cc-afb5-3ba07706aafd@kuix.de> <87a5v1j4xo.fsf@wheatstone.g10code.de> <db447915-fc25-4759-879e-b64020c0ec0e@kuix.de> <87zg31hoee.fsf@wheatstone.g10code.de> <ba560bb0-0fa5-40a2-b70d-83f36859e17e@metacode.biz> <87v8dphmec.fsf@wheatstone.g10code.de> <8d42f591-3aec-43c8-b476-abdafdb85dd7@metacode.biz>
To: Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3731.600.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/U21gqaTpq1xFWd8N481XxwnhLqE>
Subject: Re: [openpgp] Put Signature in an Email's Header
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Aug 2023 10:40:38 -0000

On 8 Aug 2023, at 11:25, Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org> wrote:
> 
> Having been on the receiving end of the "no can do" advice with this mailing list not once, not twice I'd encourage Kai to try it out anyway and see the real-world impact of his solution first-hand.

I’d be more conservative than this - I’m not going to say “don’t do it”, but I would recommend to draw up the pros and cons first before implementation, because everything is a balance of cost and benefit - and those who pay the cost are not always those who benefit (which is how we got here in the first place). We have a specific concern raised, which is that it might break forwarding. So how would this be addressed?

A

v2.23.0 | Report a Bug | By Email