[massanity] Re: Initial thoughts from Nathaniel

Patrik Fältström paf at cisco.com
Thu Dec 16 08:31:29 CET 2004 

I have not heard much from other people than Nathaniel on this MIME or 
non-MIME issue.

Is it the case (a) you don't care (b) don't have time or (c) it doesn't 
matter?

I have seen more evidence for example Cisco marketing pushing non-MIME 
format very very hard, and if we don't have any arguments why signing 
MIME-structured bodies of SMTP messages is technically broken, that is 
what will happen.

What I saw today is that (of course) the Outlook client is structured 
internally in a way so it handle only MIME-parts. To get the raw data, 
one have to fight very hard (if at all possible). So, a request might 
go to Microsoft to change the client to NOT be as MIME-aware as it is 
today. This because the whole body have to be treated as an opaque 
blob.

I feel I have been fighting for 10 years no for more MIME support, and 
I don't understand how the technical community (IETF) can accept now 
email taking a step back in evolution towards non-MIME mechanisms. 
Without ESMTP negotiation abilities that imply changes of RFC2822 body 
content (but still intact content after MIME parsing).

Please, spend some 10-20 seconds on this, and let me know what you all 
think.

      paf

On Nov 14, 2004, at 11:54, Patrik Fältström wrote:

>> I'm afraid you lose me at step a):
>>
>> On Nov 11, 2004, at 8:03 PM, massanity-request at lists.paf.se wrote:
>>
>>> (a) I don't believe we will be able to have two ways of signing 
>>> message bodies in the long run. Either we have multipart/signed, or 
>>> sign the bucket of bits in the message (and ignore the MIME. We will 
>>> never be able to have both
>>
>> This is not a belief that I share.  There are *lots* of things we 
>> have two ways of doing, why predict that this won't be another one?
>
> Because they technically are very very hard to implement at the same 
> time. Sure, if we had two ways of doing the same thing that could 
> coexist I would not be so nervous, but I don't think it is possible 
> for these things. Just think of the transformations of the body of a 
> message multipart/signed can create. Or what transformations 8BITMIME 
> can create.
>
> I.e. all of our thinking in SMTP land since 1995 has been to protect 
> the MIME structure and have the MIME structure not be damaged. Now 
> with MASS initiatives, we once again are back to "don't change the 
> bytes in the body".
>
> But, this is exactly what I want to discuss with you who know SMTP at 
> least as well as I do (in many cases much much better).
>
>> More important, I don't think *either* of these two is the way most 
>> of us have been looking at doing MASS signatures.  I think we're 
>> working on a third model here, one I would characterize for lay 
>> audiences as a "low-resolution signature" (by analogy to low-res 
>> graphics).  Think of it not as a cryptographically signed message, 
>> but a cryptographically signed *checksum* of the message, using a 
>> checksum algorithm that is invariant across the kinds of whitespace 
>> shifting and line wrapping that characterizes email transport.
>
> Correct, there is a difference between the canonicalization of the 
> message body itself, and what we pass to the hash function that 
> calculates the signature. But, for example, is it correct to do this 
> function so low-rez that it don't alarm when certain changes happen? I 
> have seen ideas that for example strip 8th bit on bytes in the body, 
> ignore what the has function "think" is a boundary between multipart 
> messages (as the last boundary has '--' appended), and byte counters 
> for how many bytes in the message is to be signed. Etc.
>
> The problem is that the checksum algorithm will be so low-rez, and 
> still not work (due to added multipart-wrappers around existing 
> messages, and changes in content-transfer-encoding during flight) that 
> it will not fly.
>
> For example, I see too much of such issues with the Cisco idea, IIM. 
> Every day there is a new "fun" problem.
>
>>> (b) If we sign the bucket of bits, we destroy the ability to use 
>>> 8BIT content-transfer-encoding and the 8BITMIME ESMTP extension 
>>> (that lead to encoding of messages during flight in some cases).
>>
>> This is the sort of issue we're still grappling with.  My current 
>> theory is that the "checksum" should be computed on a canonicalized 
>> version of the message that undoes all transport encodings and 
>> perhaps even ignores the purely syntactic elements of the MIME 
>> structure (e.g. the boundary line)
>
> So, how are we supposed to handle the case where MTA's do add 
> multipart/signature wrappers already today? That add a 
> multipart/signature wrapper around the message as we have it today. 
> Are we 100% sure the unwrapping will leave exactly the same number of 
> bytes (and the same bytes) at the other end of the "tunnel"?
>
> I am so nervous we are optimizing either for old crap systems that can 
>  not handle MIME or for the new ones that do the right thing. That we 
> can not do both, and that we will choose to optimize for the systems 
> that are old and broken.
>
>> Does this help at all? -- Nathaniel
>
> Yes, it is exactly the correct direction to go with this discussion.
>
>    paf
>

More information about the massanity mailing list