On Wed, 29 Jun 2011 18:31:04 +0100, Murray S. Kucherawy
<msk(_at_)cloudmark(_dot_)com> wrote:
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles
Lindsey
Sent: Wednesday, June 29, 2011 9:20 AM
To: DKIM
Subject: Re: [ietf-dkim] Pete's review of 4871bis
I agree that 8.14 is poorly written (and it was even worse a while
back).
However, there most certainly IS an attack here, which is NOT the same
as
the related attack discussed in 8.15, and cannot be prevented by putting
extra entries in the 'h=' tag. Unfortunately, many WG members have
failed
to understand the difference between the two.
That's a mischaracterization of the objection. "h=from:from:..." was
not meant to address the attack about which you are complaining.
True, but up to a couple of months ago that was not clear in 8.14/8.15,
and I suspect some WG members still have not caught up with the
distinction.
Nobody has said either of the two variants of this attack are not valid
concerns. The dispute is about what module in the handling of a message
is responsible for detecting and dealing with it.
That is true enough, but there is no indication anywhere as to what
subsequent modules in the chain ARE to be responsible for it, axcept for
ADSP (and I agree with Pete that it is an attack on ADSP); but the WG
seems to have washed its hands of ADSP.
Since the problem exists even with a message that is not DKIM-signed, I
still fail to understand how this is specifically a DKIM problem.
The problem is that an apparently valid signature (albeit atching the
wrong From) is likely to give a false impression of validity somewhere
along the line unless modules down the line are watchig for this case (and
for sure MUAs will not be watching for it for a long time, so it is the
ISPs/boundary agents that need to do it).
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html