fedora mailing list handles signed email incorrectly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



 Problem
 --------
  All the fedora mail lists are not handling domain keys and dkim signed
mail correctly.

  The mail list leaves the original signatures but breaks the headers
thereby making the signature fail.

  There are several choices, but breaking DKIM as it does is the worst.

  Solutions:
  -----------
  The list server should either

   (1) leave the original message headers intact

   (2) If signed headers are mofified - remove original signature
        (a) delete original signature
        (b) delete original signature and sign outgoing as list server


  (3) Leave original message intact and signed - list server should then
sign its own message along with the forwarded message as an attachment.
This way allows both the original and the forwarded message to be checked.


 Comments:
 ---------
  (1) is ok

  (2) is not ideal as it defeats purpose of signing mail tho (b) is
better than (a)

  (3) Is the best available choice.

  It would be even better if the DKIM milter recursively checked all
attached signed messages as well - which is not in the current version.
In fact it should be part of the spec itself and thus required.


   gene/

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux