Re: [yam] Russ Housley's Discuss on draft-ietf-yam-rfc4409bis-02: (with DISCUSS)
Dave CROCKER <dhc@dcrocker.net> Wed, 24 August 2011 14:51 UTC
Return-Path: <dhc@dcrocker.net>
X-Original-To: yam@ietfa.amsl.com
Delivered-To: yam@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D69F521F8BBC; Wed, 24 Aug 2011 07:51:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.376
X-Spam-Level:
X-Spam-Status: No, score=-6.376 tagged_above=-999 required=5 tests=[AWL=0.223, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E1QsIhXOH6h5; Wed, 24 Aug 2011 07:51:58 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 188C221F8BB2; Wed, 24 Aug 2011 07:51:58 -0700 (PDT)
Received: from [192.168.1.156] (adsl-68-122-69-114.dsl.pltn13.pacbell.net [68.122.69.114]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id p7OEqriK030690 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 24 Aug 2011 07:52:58 -0700
Message-ID: <4E551041.3020205@dcrocker.net>
Date: Wed, 24 Aug 2011 07:52:49 -0700
From: Dave CROCKER <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0) Gecko/20110812 Thunderbird/6.0
MIME-Version: 1.0
To: Russ Housley <housley@vigilsec.com>
References: <20110822174540.26398.33846.idtracker@ietfa.amsl.com> <6.2.5.6.2.20110823123557.0d863778@elandnews.com> <D41B604F-9452-4F9F-80BA-1FE5B74B171E@vigilsec.com>
In-Reply-To: <D41B604F-9452-4F9F-80BA-1FE5B74B171E@vigilsec.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Wed, 24 Aug 2011 07:53:00 -0700 (PDT)
Cc: yam@ietf.org, richard Barnes <rbarnes@bbn.com>, S Moonesamy <sm+ietf@elandsys.com>, draft-ietf-yam-rfc4409bis@tools.ietf.org, The IESG <iesg@ietf.org>, yam-chairs@tools.ietf.org
Subject: Re: [yam] Russ Housley's Discuss on draft-ietf-yam-rfc4409bis-02: (with DISCUSS)
X-BeenThere: yam@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: Yet Another Mail working group discussion list <yam.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/yam>, <mailto:yam-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/yam>
List-Post: <mailto:yam@ietf.org>
List-Help: <mailto:yam-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yam>, <mailto:yam-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 14:51:59 -0000
On 8/24/2011 7:06 AM, Russ Housley wrote: > SM: > > Thanks for facilitating this discussion. > > As Dave well knows, the presence of an invalid signature is different than no > signature at all. > > The technical community keeps telling implementors that > they are not really different, but folks that writ code seem to think > otherwise. The proposed text does not say anything about the signature > validity, Russ, As you well know, there are many, very different reasons a signature can be invalid. As you also might know, the DKIM specification therefore declares the semantics of an invalid signature to be the same as having no signature present. Within the formal 4 walls of DKIM, that means that the the presence of an invalid signature is /not/ different than no signature at all. The fact that various receivers might choose to distinguish between the two conditions is well and good, but it also is outside the four walls of formal DKIM. Pragmatics often prompt going beyond a formal specification. That does not make either the specification or the pragmatics "wrong". Each has its own purpose and constraints.(*) > At a minimum, i[t] should say "...of a valid signature." I assume you mean that you are requesting the proposed text to be revised to be: "Message modification can affect the validity of an existing message signature, such as by DKIM [DKIM], PGP [RFC4880], and can render the signature invalid. This, in turn, can affect message handling by later receivers, such as filtering engines that consider the presence or absence of a [valid] signature." Given your own view about the distinction, I'd have thought you would prefer the original wording. While adding "valid" does change the meaning slightly, I don't see it as a problem. d/ (*) Receivers choosing to make a distinction between an absent DKIM signature and a present, invalid one currently represents an intuition rather than a certainty. That's a good basis for experimentation, but a very poor basis for language in a formal standards specification... -- Dave Crocker Brandenburg InternetWorking bbiw.net
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Russ Housley
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Dave CROCKER
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Pete Resnick
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Dave CROCKER
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Frank Ellermann
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Frank Ellermann
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John C Klensin
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Pete Resnick
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Alessandro Vesely
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Barry Leiba
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Ned Freed
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… John Levine
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Murray S. Kucherawy
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… Tony Hansen
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… SM
- Re: [yam] Russ Housley's Discuss on draft-ietf-ya… S Moonesamy