New DKIM canonicalization to avoid broken signatures

From: Alessandro Vesely <>
Date: Fri, 30 Apr 2010 19:31:57 +0200

It is well known that DKIM validation is too strong to be of practical
use for everyday messages. Signatures break too often. One solution,
in Dave's words, is to

   Merely use l=0 and hash only the From: field or perhaps From: and
   Date: or perhaps...

A better solution might be to use a new "mellowed" canonicalization
for the body, and never sign MIME headers. The rough idea is to
produce a body hash that is invariant under 99.99% retransmissions,
but still characterizes the body content somewhat better than l=0.

I think Bayesian filtering has brought a good experience with mail
tokenization, as a side product that can be leveraged to achieve this
task without reinventing the wheel. Poor HTML coding may require extra
tweaks, though.

We'd need to discuss the details, implement them, and test.

Anyone interested?

-------- Original Message --------
Date: 30 Apr 2010 12:33:00 -0000
From: John Levine <>
Subject: Re: [ietf-dkim] Broken signatures,
   was Why mailing lists should strip them

In article <> you write:
>On 29/Apr/10 01:12, SM wrote:
>> The diversity
>> of the email environment is such that you cannot come up with a
>> "mellowed" canonicalization to cope with every possible change.
>Yet, it would seem that by, say, hashing just invariants of binary
>representations of the first entity, e.g. discarding its white space
>and punctuation, one may reach very high percentages of unbroken

It sounds like you want to experiment with different canon schemes for
DKIM, rather than the two that exist now. Wouldn't that be more
appropriate for ASRG?

NOTE WELL: This list operates according to
Received on Fri Apr 30 2010 - 17:32:08 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:19:47 PST