[Mailman-Developers] Mailman headers roundup
Chris Clark
Chris.Clark at actian.com
Wed Nov 2 20:00:14 CET 2011
Barry Warsaw wrote:
> On Oct 30, 2011, at 08:04 PM, Patrick Ben Koetter wrote:
>
>> X-Message-ID-Hash
>> propose an RFC as an extension of RFC 5064
>> Modify to: unclear
>> Next Step: Discuss
>>
>
> As an RFC, obviously we'd drop the X- prefix, but also "Hash" might be too
> vague. Personally I think Message-ID-Hash is fine and the theoretical RFC
> shouldn't allow much leeway in implementations (i.e. only one hash algorithm
> is allowed). This will probably be bikeshedded to death. Still, since
> Message-ID must be unique (and generally is, as backed up by The Mail
> Archive's data), I think base-32 of SHA-1 will in practice be just fine.
>
I love painting bikesheds... or rather offering paint color/colour
suggestions to painters doing the work ;-)
If a header is going to contain data that is generated from non-trivial
processing I think it would be good form to include the algorithm name
in the header.
The DKIM-Signature (RFC 4871, and was included in the email I'm replying
to) itself includes the name, example extract:
DKIM-Signature: a=rsa-sha256; .........
DKIM is using a secure hash which is arguable more processing than a
simple digest hash but the same principle of self documenting seems
reasonable.
Admittedly there will be a need in the future for new secure algorithms
to be deployed for DKIM, it is less certain if there is a need to ever
change the algorithm used for X-Message-ID-Hash. Is there a clear
advantage limiting the algorithm used?
Chris
More information about the Mailman-Developers
mailing list