| From: | Andrew Sullivan <ajs(at)crankycanuck(dot)ca> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: To all who wish to unsubscribe |
| Date: | 2017-11-21 18:39:13 |
| Message-ID: | 20171121183913.iway4wzynzn2q7k4@crankycanuck.ca |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-www |
On Mon, Nov 20, 2017 at 02:46:08PM -0800, Steve Atkins wrote:
> That's poor practice, for several reasons - replay attacks with added content
> and it being an extremely rare practice that's likely to trigger bugs in DKIM
> validation are two. The latter is the much bigger deal.
>
> It also doesn't help much for most MIME encoded mail (including base64
> encoded plain text, like the mail I'm replying to).
>
> Pretending those paragraphs aren't there is the right thing to do.
Yes. Also the DMARC and forthcoming ARC mechanisms -- super important
for people behind gmail and yahoo and so on -- make that feature not
really work, AFAICT. I think that part of DKIM is busted, and the
authors of it I've talked to seem to agree.
A
--
Andrew Sullivan
ajs(at)crankycanuck(dot)ca
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Igor Korot | 2017-11-21 18:44:48 | Re: Nightmare? was unsubscribe |
| Previous Message | Andrew Sullivan | 2017-11-21 18:34:55 | migrations (was Re: To all who wish to unsubscribe) |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2017-11-21 18:48:50 | Re: migrations (was Re: To all who wish to unsubscribe) |
| Previous Message | Andrew Sullivan | 2017-11-21 18:34:55 | migrations (was Re: To all who wish to unsubscribe) |