Skip to main content

RFC 4871 DomainKeys Identified Mail (DKIM) Signatures -- Update
RFC 5672

Revision differences

Document history

Date Rev. By Action
2015-10-14
07 (System) Notify list changed from dkim-chairs@ietf.org, draft-ietf-dkim-rfc4871-errata@ietf.org to (None)
2012-08-22
07 (System) post-migration administrative database adjustment to the No Record position for Cullen Jennings
2012-08-22
07 (System) post-migration administrative database adjustment to the No Objection position for Tim Polk
2012-08-22
07 (System) post-migration administrative database adjustment to the No Objection position for Adrian Farrel
2009-08-27
07 Cindy Morgan State Changes to RFC Published from RFC Ed Queue by Cindy Morgan
2009-08-27
07 Cindy Morgan [Note]: 'RFC 5672' added by Cindy Morgan
2009-08-26
07 (System) RFC published
2009-07-23
07 (System) IANA Action state changed to No IC from In Progress
2009-07-23
07 (System) IANA Action state changed to In Progress
2009-07-23
07 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2009-07-23
07 Cindy Morgan IESG state changed to Approved-announcement sent
2009-07-23
07 Cindy Morgan IESG has approved the document
2009-07-23
07 Cindy Morgan Closed "Approve" ballot
2009-06-26
07 (System) New version available: draft-ietf-dkim-rfc4871-errata-07.txt
2009-06-26
07 Adrian Farrel [Ballot Position Update] Position for Adrian Farrel has been changed to No Objection from Discuss by Adrian Farrel
2009-06-25
07 Cullen Jennings [Ballot Position Update] Position for Cullen Jennings has been changed to Undefined from Discuss by Cullen Jennings
2009-06-16
07 Cullen Jennings
[Ballot discuss]
First thanks to the WG for trying to address the problem I had raised. I had assumed nothing would be done to try …
[Ballot discuss]
First thanks to the WG for trying to address the problem I had raised. I had assumed nothing would be done to try and correct so I just put abstain as clearly some people felt the document was worth publishing but as we are trying to fix or clarify this, let me be more explicit.

My focus is mostly on what this errata means to implementations in the field. That would be implementations of both DKIM the narrow signing protocol and implementations that use the information DKIM provides. I think the document should be clear on

1) what is the interoperability problem. Can someone succinctly summarize this? When I read the document, I get that there is a problem but it less clear what it is or why some implementation would end up doing something that did not work with other implementations.

2) what needs to be changed in implementations to fix this? Again, can anyone susinctly summarize this. I do not think an implementor that did not follow the list could easily read the current draft and figure out if there code was OK or not and what changes where needed to their code to make it OK

3) does the WG have consensus on this change. When I read the list I am seeing several people that I view as very knowledgeable about this from more than one company who don't seem to be on the same page. I'm not suggesting that I understand the discussion well enough to even be sure if they are saying they support the change or not.

4) is the change within scope of the WG
2009-06-16
07 Cullen Jennings [Ballot Position Update] Position for Cullen Jennings has been changed to Discuss from No Objection by Cullen Jennings
2009-06-16
07 Cullen Jennings [Ballot Position Update] Position for Cullen Jennings has been changed to No Objection from Abstain by Cullen Jennings
2009-06-10
06 (System) New version available: draft-ietf-dkim-rfc4871-errata-06.txt
2009-06-05
07 (System) Removed from agenda for telechat - 2009-06-04
2009-06-04
07 Cindy Morgan State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Cindy Morgan
2009-06-04
07 Tim Polk [Ballot Position Update] Position for Tim Polk has been changed to No Objection from Undefined by Tim Polk
2009-06-04
07 Tim Polk [Ballot Position Update] Position for Tim Polk has been changed to Undefined from Discuss by Tim Polk
2009-06-04
07 Cullen Jennings
[Ballot comment]
I asked three implementors to have a look at this and let me know what changes might be needed to an 4871 implementation …
[Ballot comment]
I asked three implementors to have a look at this and let me know what changes might be needed to an 4871 implementation to make the code complaint with this errata. They all told me this document was completely incomprehensible and they have no idea what needs to change.

I suspect this draft says more than "you MUST have a (d=) and you MAY have (i=)", but I have missed it.
2009-06-04
07 Cullen Jennings [Ballot Position Update] New position, Abstain, has been recorded by Cullen Jennings
2009-06-04
07 Cullen Jennings
[Ballot comment]
I asked three implementors to have a look at this and let me know what changes might be needed to an 4871 implementation …
[Ballot comment]
I asked three implementors to have a look at this and let me know what changes might be needed to an 4871 implementation to make the code complaint with this errata. They all told me this document was completely incomprehensible and they have no idea what needs to change.

I suspect this  draft says anything more than "you MUST have a (d=) and you MAY have (i=)",  but I have missed it.
2009-06-04
07 Tim Polk
[Ballot discuss]
This is a discuss for ADs only and is not being forwarded to the chairs or authors.

Like many others, I find the …
[Ballot discuss]
This is a discuss for ADs only and is not being forwarded to the chairs or authors.

Like many others, I find the format of this document less useful than republishing
4871 with the changes.  However, I understand the reasons people prefer to process
them this way.

Is there any reason we can't direct the RFC Editor to make the noted changes to the text
in 4871 and republish the whole document?  (Okay, I can think of one - the boilerplate.
Any others?)
2009-06-04
07 Tim Polk [Ballot Position Update] New position, Discuss, has been recorded by Tim Polk
2009-06-04
07 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko
2009-06-04
07 Jari Arkko
[Ballot comment]
Can the indentation of the various pieces of ABNF be fixed? I'd hate anyone to submit an errata against this RFC...

Personally, I …
[Ballot comment]
Can the indentation of the various pieces of ABNF be fixed? I'd hate anyone to submit an errata against this RFC...

Personally, I would have been much happier to see this as a full
document obsoleting the original RFC. I realize people sometimes fear
such an action when other issues and redesign might be done as soon
as a document is "opened". But there is no reason for that, and I think
we have a responsibility to the readers of our RFCs to produce clear,
up-to-date specs, and not a patchwork of erratas.
2009-06-04
07 Jari Arkko [Ballot comment]
Can the indentation of the various pieces of ABNF be fixed? I'd hate anyone to submit an errata against this RFC...
2009-06-03
07 Ross Callon [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon
2009-06-03
07 Robert Sparks [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks
2009-06-03
07 Dan Romascanu [Ballot comment]
I support Adrian's DISCUSS and COMMENT.
2009-06-03
07 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu
2009-06-03
07 Lisa Dusseault [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault
2009-06-03
07 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica
2009-06-03
07 Lars Eggert
[Ballot comment]
I don't understand what the advantage of an "errata RFC" is over the normal collection RFC Editor erratas. (I mean, I expect Alfred …
[Ballot comment]
I don't understand what the advantage of an "errata RFC" is over the normal collection RFC Editor erratas. (I mean, I expect Alfred within days to file an errata on this errata RFC...)

If a new RFC is desired, I'd much rather see a comprehensive update that would obsolete 4821.
2009-06-03
07 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert
2009-06-02
07 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley
2009-06-02
07 Ralph Droms [Ballot Position Update] Position for Ralph Droms has been changed to No Objection from Undefined by Ralph Droms
2009-06-02
07 Ralph Droms [Ballot Position Update] Position for Ralph Droms has been changed to Undefined from No Objection by Ralph Droms
2009-06-02
07 Ralph Droms [Ballot Position Update] New position, No Objection, has been recorded by Ralph Droms
2009-06-02
07 Ralph Droms
[Ballot comment]
Generally, +1 to the request for clarity about section 4-8 adding new sections to RFC 4871.

I'm also looking forward to discussion …
[Ballot comment]
Generally, +1 to the request for clarity about section 4-8 adding new sections to RFC 4871.

I'm also looking forward to discussion of relative merits of revising RFC 4871 and publishing this doc as a new RFC.

Really minor nit: is there any significance to the different indentation styles used throughout the doc?

In:

9.  RFC4871 Section 3.5 The DKIM-Signature Header Field

  [...]
  Corrected Text:

      d=

        Specifies the SDID claiming responsibility for an introduction
        of a message into the mail stream (plain-text; REQUIRED).  This
        is the domain that will be queried for the public key.

...what is the "This" in "This is the domain..."?  The domain identified by the SDID?
2009-05-31
07 Adrian Farrel
[Ballot discuss]
A nice simple, easy-to-fix Discuss.

Sections 4 through 8 make references to sections 2.7 through 2.11 of RFC 4871.

But those sections …
[Ballot discuss]
A nice simple, easy-to-fix Discuss.

Sections 4 through 8 make references to sections 2.7 through 2.11 of RFC 4871.

But those sections do not exist in RFC 4871.

Could you make it clearer that, as well as this text being "Additional text.", you are defining "Additional Section."

Similarly in your section 12 about a new section 3.9.
===

There are several Errata filed at http://www.rfc-editor.org
A number of these have been Verified.
Why are these not addressed at the same time?
2009-05-31
07 Adrian Farrel
[Ballot discuss]
A nice simple, easy-to-fix Discuss.

Sections 4 through 8 make references to sections 2.7 through 2.11 of RFC 4871.

But those sections …
[Ballot discuss]
A nice simple, easy-to-fix Discuss.

Sections 4 through 8 make references to sections 2.7 through 2.11 of RFC 4871.

But those sections do not exist in RFC 4871.

Could you make it clearer that, as well as this text being "Additional text.", you are defining "Additional Section."

Similarly in your section 12 about a new section 3.9.
2009-05-31
07 Adrian Farrel [Ballot Position Update] New position, Discuss, has been recorded by Adrian Farrel
2009-05-31
07 Adrian Farrel
[Ballot comment]
This comment is perilously close to a Discuss!
I agree with Alexey that I would have prefered a revision of 4871.
I assume …
[Ballot comment]
This comment is perilously close to a Discuss!
I agree with Alexey that I would have prefered a revision of 4871.
I assume that the WG and advising ADs have discussed this and have a Good Reason (TM) for not revising an RFC.
To me, however, it is non-intuitive why we would create a second normative RFC when a single one could be constructed.

In particular, I am uncomfortable with an update to the Abstract of another RFC.
2009-05-29
07 Alexey Melnikov [Ballot Position Update] New position, No Objection, has been recorded by Alexey Melnikov
2009-05-29
07 Alexey Melnikov
[Ballot comment]
I wish you have done a revision of RFC 4871. But I trust this was discussed in the WG.


In Section 9: …
[Ballot comment]
I wish you have done a revision of RFC 4871. But I trust this was discussed in the WG.


In Section 9:

  Corrected Text:

[...]

        ABNF:

                      sig-d-tag  = %x64 [FWS] "=" [FWS] domain-name
  domain-name = sub-domain 1*("." sub-domain)
                ; from RFC 2821 Domain, but excluding
                  address-literal

Indentation is wrong (not a big deal).

I also suggest you reference RFC 5321 in the comment above.


In Section 12:

      INFORMATIVE DISCUSSION: This document does not require the value
      of the SDID or AUID to match the identity in any message header
      fields.  This is considered to be an assessor policy issue.
      Constraints between the value of the SDID or AUID and other
      identities in other header fields seek to apply basic
      authentication into the semantics of trust associated with a role
      such as content author.

I've reread the last quoted sentence 4 times and still don't know what it means. Is any word missing? Or maybe this sentence can be split into multiple?
2009-05-26
07 Pasi Eronen State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Pasi Eronen
2009-05-25
07 Pasi Eronen Placed on agenda for telechat - 2009-06-04 by Pasi Eronen
2009-05-25
07 Pasi Eronen Note field has been cleared by Pasi Eronen
2009-05-25
07 Pasi Eronen [Ballot Position Update] New position, Yes, has been recorded for Pasi Eronen
2009-05-25
07 Pasi Eronen Ballot has been issued by Pasi Eronen
2009-05-25
07 Pasi Eronen Created "Approve" ballot
2009-05-25
05 (System) New version available: draft-ietf-dkim-rfc4871-errata-05.txt
2009-05-24
07 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: Tom Yu.
2009-05-08
07 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2009-05-01
07 Amanda Baber IANA comments:

As described in the IANA Considerations section, we understand
this document to have NO IANA Actions.
2009-04-24
07 Samuel Weiler Request for Last Call review by SECDIR is assigned to Tom Yu
2009-04-24
07 Samuel Weiler Request for Last Call review by SECDIR is assigned to Tom Yu
2009-04-24
07 Amy Vezza Last call sent
2009-04-24
07 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2009-04-24
07 Pasi Eronen State Changes to Last Call Requested from Publication Requested by Pasi Eronen
2009-04-24
07 Pasi Eronen Last Call was requested by Pasi Eronen
2009-04-24
07 (System) Ballot writeup text was added
2009-04-24
07 (System) Last call text was added
2009-04-24
07 (System) Ballot approval text was added
2009-04-23
07 Pasi Eronen
PROTO writeup for draft-ietf-dkim-rfc4871-errata-04

(1.a) Who is the Document Shepherd for this document? Has the
      Document Shepherd personally reviewed this version of …
PROTO writeup for draft-ietf-dkim-rfc4871-errata-04

(1.a) Who is the Document Shepherd for this document? Has the
      Document Shepherd personally reviewed this version of the
      document and, in particular, does he or she believe this
      version is ready for forwarding to the IESG for publication?

Barry Leiba is the document shepherd.
I have reviewed the current version, and I believe it's ready.

(1.b) Has the document had adequate review both from key WG members
      and from key non-WG members? Does the Document Shepherd have
      any concerns about the depth or breadth of the reviews that
      have been performed?

It has.  I have no concerns about the level of review.

(1.c) Does the Document Shepherd have concerns that the document
      needs more review from a particular or broader perspective,
      e.g., security, operational complexity, someone familiar with
      AAA, internationalization or XML?

No.

(1.d) Does the Document Shepherd have any specific concerns or
      issues with this document that the Responsible Area Director
      and/or the IESG should be aware of? For example, perhaps he
      or she is uncomfortable with certain parts of the document, or
      has concerns whether there really is a need for it. In any
      event, if the WG has discussed those issues and has indicated
      that it still wishes to advance the document, detail those
      concerns here. Has an IPR disclosure related to this document
      been filed? If so, please include a reference to the
      disclosure and summarize the WG discussion and conclusion on
      this issue.

No concerns.

(1.e) How solid is the WG consensus behind this document? Does it
      represent the strong concurrence of a few individuals, with
      others being silent, or does the WG as a whole understand and
      agree with it?

The document is a result of work from an ad-hoc design team, which
then brought the document back to the working group.  There was
initially a substantial minority objection, but that objection was
largely converted to acceptance with some alteration in the language.
There's still a small minority that objects, mostly on the grounds
that the document is not needed -- that either no change is needed to
RFC 4871 or a much smaller change would be best -- but there's a clear
and strong consensus in the working group for moving this document
forward.

(1.f) Has anyone threatened an appeal or otherwise indicated extreme
      discontent? If so, please summarise the areas of conflict in
      separate email messages to the Responsible Area Director. (It
      should be in a separate email because this questionnaire is
      entered into the ID Tracker.)

No threats have been made; see 1.e above for a description of
remaining conflict.

(1.g) Has the Document Shepherd personally verified that the
      document satisfies all ID nits? (See
      http://www.ietf.org/ID-Checklist.html and
      http://tools.ietf.org/tools/idnits/). Boilerplate checks are
      not enough; this check needs to be thorough. Has the document
      met all formal review criteria it needs to, such as the MIB
      Doctor, media type and URI type reviews?

Yes.  Note, though, that idnits will show undefined references and
undefined use of RFC 2119 keywords.  That's because the text is
presented as literal updates to text from RFC 4871.  Because the text
is not normative for *this* document, those references, along with the
RFC 2119 boilerplate, do not appear here.

(1.h) Has the document split its references into normative and
      informative? Are there normative references to documents that
      are not ready for advancement or are otherwise in an unclear
      state? If such normative references exist, what is the
      strategy for their completion? Are there normative references
      that are downward references, as described in [RFC3967]? If
      so, list these downward references to support the Area
      Director in the Last Call procedure for them [RFC3967].

There is only one normative reference, to RFC 4871, and no informative
ones.  That is correct, and there are no issues with downward
references.

(1.i) Has the Document Shepherd verified that the document IANA
      consideration section exists and is consistent with the body
      of the document? If the document specifies protocol
      extensions, are reservations requested in appropriate IANA
      registries? Are the IANA registries clearly identified? If
      the document creates a new registry, does it define the
      proposed initial contents of the registry and an allocation
      procedure for future registrations? Does it suggest a
      reasonable name for the new registry? See [RFC5226]. If the
      document describes an Expert Review process has Shepherd
      conferred with the Responsible Area Director so that the IESG
      can appoint the needed Expert during the IESG Evaluation?

There are no IANA considerations for this document.

(1.j) Has the Document Shepherd verified that sections of the
      document that are written in a formal language, such as XML
      code, BNF rules, MIB definitions, etc., validate correctly in
      an automated checker?

There are no formal-language rules in this document.

(1.k) The IESG approval announcement includes a Document
      Announcement Write-Up. Please provide such a Document
      Announcement Write-Up? Recent examples can be found in the
      "Action" announcements for approved documents. The approval
      announcement contains the following sections:

      Technical Summary
        Relevant content can frequently be found in the abstract
        and/or introduction of the document. If not, this may be
        an indication that there are deficiencies in the abstract
        or introduction.

This updates RFC 4871, DomainKeys Identified Mail (DKIM) Signatures.
Specifically the document clarifies the nature, roles and relationship
of the two DKIM identifier tag values that are candidates for payload
delivery to a receiving processing module. The Update is in the style
of an errata entry.

      Working Group Summary
        Was there anything in WG process that is worth noting? For
        example, was there controversy about particular points or
        were there decisions where the consensus was particularly
        rough?

This document arose from an errata report against RFC 4871, and from
attempts to address the issue raised, which required clarification of
some terminology.  After some discussion, it was clear that the
working group is divided as to how extensive the clarification needs
to be, with a significant majority opting for the more extensive
version represented here.  In a spirit of compromise and a desire for
progress, the working group agreed to some changes to the text that
make it acceptable to most of the participants.

      Document Quality
        Are there existing implementations of the protocol? Have a
        significant number of vendors indicated their plan to
        implement the specification? Are there any reviewers that
        merit special mention as having done a thorough review,
        e.g., one that resulted in important changes or a
        conclusion that the document had no substantive issues? If
        there was a MIB Doctor, Media Type or other expert review,
        what was its course (briefly)? In the case of a Media Type
        review, on what date was the request posted?

There is a significant level of deployment of DKIM, as documented by
RFC 4871.  In fact, the existing deployment and good interoperability
is what makes a part of the working group unsure that a clarification
of this nature is necessary.  Nevertheless, discussion within the
working group made it clear to many that there is a significant amount
of disagreement as to what was meant in some less-used areas of RFC
4871
.  The working group believes that these updates will clarify the
terminology and improve chances of interoperability among
implementations that use those features.
2009-04-23
07 Pasi Eronen Draft Added by Pasi Eronen in state Publication Requested
2009-04-21
04 (System) New version available: draft-ietf-dkim-rfc4871-errata-04.txt
2009-04-04
03 (System) New version available: draft-ietf-dkim-rfc4871-errata-03.txt
2009-02-06
02 (System) New version available: draft-ietf-dkim-rfc4871-errata-02.txt
2009-02-02
01 (System) New version available: draft-ietf-dkim-rfc4871-errata-01.txt
2009-01-26
00 (System) New version available: draft-ietf-dkim-rfc4871-errata-00.txt