ietf-822

Re: Sender authentication?

2004-02-09 07:54:02

Nick Ing-Simmons wrote:
[...]
The idea is to "sign" the From: and Message-ID: pair using 
a public key scheme, and add the signature as a new header.
[...]
The goal is to allow the recipient to have some confidence that mail is 
really from the sender without collecting the whole mail, but just 
by examining the headers. (Signed mail is all very well 
but sucking 5M of spam body to allow me to check it isn't helping 
with my bandwidth problem.)
[...]
The idea is that the unique Message-Id is a "challenge" for the sender's
key pair. 

As many tools also discard mails with duplicate ids, then a forger 
cannot just re-use signature headers from a previous mail.

Issues I can see are where the public key comes from (key server or embedded in 
the mail) and the possible size of key and signature data.

Is this worth discussing further?

Probably. There has been some limited discussion about something like
that here; some issues are mentioned in the message archived
at http://www.imc.org/ietf-822/mail-archive/msg03987.html
and a brief outline of how keys might be handled via an SMTP extension is
in http://www.imc.org/ietf-822/mail-archive/msg03941.html

The hashing method needs to be robust in the face of header field rewriting.

Although message-ids are supposed to be unique, not all systems discard messages
with duplicates, permitting a replay attack.  Moreover, if an attacker is able
to replay the fields and signature quickly, such that both a genuine message and
a forgery arrive in the same batch, which one gets discarded by a system that
does discard duplicates may depend on order of retrieval.

The From field is probably not the right source for sender information. It may
contain multiple addresses (which key would you use in that case?).  A better
choice would be the sender envelope address, which appears in the Return-Path
field on final delivery.  However, the sender envelope address may be an empty
path (e.g. for a delivery status notification), so that's not universally
applicable either.
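An added example, not part of the thread and not anything either poster wrote, of the scheme as the reply above critiques it: the From and Message-ID fields are canonicalised before hashing (so re-folding or re-spacing by a relay does not break the signature), the signature goes in a hypothetical header, and the verifier keeps a record of accepted Message-IDs so a replayed header set is rejected. Ed25519 is an assumption (neither post names a signature scheme); the sample headers are constructed; the "first one seen wins" rule in the replay cache is exactly the order-of-retrieval caveat in the reply, and nothing here addresses the multiple-address From or empty envelope sender issues.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// canonicalHeader renders one header field in a canonical form: field name
// lower-cased, folded continuation lines unfolded, runs of whitespace
// collapsed to a single space. A relay that re-folds or re-spaces the field
// therefore leaves the signed bytes unchanged.
func canonicalHeader(name, value string) string {
	return strings.ToLower(name) + ":" + strings.Join(strings.Fields(value), " ") + "\r\n"
}

// signedData is the byte string the signature covers: the From and
// Message-ID fields in canonical form, in a fixed order.
func signedData(from, msgID string) []byte {
	return []byte(canonicalHeader("From", from) + canonicalHeader("Message-ID", msgID))
}

// newKeyPair generates a fresh Ed25519 key pair for the sender
// (Ed25519 is an assumption; the thread names no particular scheme).
func newKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// signHeaders produces the value of the hypothetical signature header.
func signHeaders(priv ed25519.PrivateKey, from, msgID string) string {
	return base64.StdEncoding.EncodeToString(ed25519.Sign(priv, signedData(from, msgID)))
}

var (
	errBadSignature = errors.New("signature does not verify")
	errReplay       = errors.New("message-id already seen: replay")
)

// Verifier checks signatures against one sender's public key and remembers
// every Message-ID it has accepted, so a replayed header set is rejected.
// Whichever copy is checked first wins; a forgery that arrives before the
// genuine message cannot get past the signature check, but a genuine
// message replayed verbatim is indistinguishable from the first copy.
type Verifier struct {
	pub  ed25519.PublicKey
	seen map[string]bool
}

func newVerifier(pub ed25519.PublicKey) *Verifier {
	return &Verifier{pub: pub, seen: map[string]bool{}}
}

// verifyHeaders accepts the headers only if the signature covers them and
// the Message-ID has not been accepted before.
func (v *Verifier) verifyHeaders(from, msgID, sigB64 string) error {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return err
	}
	if !ed25519.Verify(v.pub, signedData(from, msgID), sig) {
		return errBadSignature
	}
	key := canonicalHeader("Message-ID", msgID)
	if v.seen[key] {
		return errReplay
	}
	v.seen[key] = true
	return nil
}

func main() {
	pub, priv := newKeyPair()
	v := newVerifier(pub)

	// Constructed sample headers, not taken from any real message.
	from := "Nick <nick@example.org>"
	msgID := "<20040209.123456@example.org>"
	sig := signHeaders(priv, from, msgID)

	fmt.Println("genuine:        ", v.verifyHeaders(from, msgID, sig))
	fmt.Println("replayed:       ", v.verifyHeaders(from, msgID, sig))
	fmt.Println("forged From:    ", v.verifyHeaders("Mallory <mallory@example.net>", msgID, sig))
	// A fresh verifier, so the re-folded copy is judged on its signature alone.
	fmt.Println("re-folded From: ", newVerifier(pub).verifyHeaders("Nick\r\n <nick@example.org>", msgID, sig))
}
```

The replay check runs after the signature check on purpose: a forger who copies the signature header onto a message with a different From fails on the signature, and only a byte-for-byte replay of genuine headers reaches the Message-ID cache, which is the case the reply says not every system handles.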
