
Re: [Asrg] 6. Proposals - Challenge/response - CRI

2003-08-20 10:44:10
On Wed, 20 Aug 2003, Yakov Shafranovich wrote:

> > I think the only really significant semantic suggestion I'm making
> > is that a hash of the body of a message should be included to
> > prevent forgeries of level-two systems.
>
> That has been mentioned before and is a pretty good idea. It also
> alleviates some privacy concerns since the originating MTA/MUA does not
> have to store copies of messages, but can store MD5 hashes instead.

Using a hash is an obvious thing to do, but it begs the question of exactly
what you're hashing.  You can't safely hash the entire message because the
headers change on every hop, at least for Received: lines.  Other headers
might be mangled or normalized as well.  You can ignore the header, but it
would be good to validate parts of it.  Even if you just hash the body, you
have to be concerned about the message being mangled by intermediate MTAs.

Now, you could Base64-encode the content to protect it against mangling, 
but that renders the plaintext of the message unreadable.  You could strip 
out all characters but the ones used for Base64 encoding, and hash that.  
Perhaps quoted-printable encoding would be another semi-readable option.

PGP has to deal with this issue for "clear-signed" messages -- how does it 
address this issue?  (Or does it depend on the body not getting mangled to 
be able to verify the signature?)

Of course, another option is to simply use PGP.  This seems the obvious 
answer for mailing lists -- the mailing list should clear-sign all valid 
messages with a private key used only for that mailing list, and have the 
user whitelist that PGP key (perhaps by keeping a copy signed with their 
own PGP key?) -- then no spammer could forge messages appearing to be from 
that mailing list...

Deven


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
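The "what exactly are you hashing" question above, worked through as an added example (not code from the thread or from any ASRG proposal): the body is canonicalized the way OpenPGP does for clear-signed text, trailing whitespace dropped and line endings forced to CRLF, before hashing, so a relay that rewrites line endings or pads a line leaves the hash intact while a changed body does not. The sample messages are constructed; SHA-256 stands in for the MD5 mentioned in the thread.

```python
import hashlib
import re

# Canonicalization modelled on what OpenPGP does for clear-signed text
# (RFC 4880, section 7): trailing whitespace is dropped from every line and
# line endings are normalised to CRLF before hashing, so a relay that rewrites
# line endings or pads lines does not change the hash. The header block is
# left out entirely because Received: lines change on every hop.

def split_body(message: str) -> str:
    """Return everything after the first blank line (the RFC 2822 body)."""
    m = re.search(r"\r?\n\r?\n", message)
    return message[m.end():] if m else ""

def canonicalize_body(body: str) -> bytes:
    lines = [ln.rstrip(" \t") for ln in body.replace("\r\n", "\n").split("\n")]
    while lines and lines[-1] == "":  # an appended blank line must not matter
        lines.pop()
    return ("\r\n".join(lines) + "\r\n").encode("utf-8")

def body_hash(message: str) -> str:
    """SHA-256 of the canonicalized body (the thread mentions MD5, which is
    no longer collision resistant, so SHA-256 is used here instead)."""
    return hashlib.sha256(canonicalize_body(split_body(message))).hexdigest()

def base64_alphabet_hash(message: str) -> str:
    """The thread's other idea: keep only Base64-alphabet characters and hash."""
    kept = re.sub(r"[^A-Za-z0-9+/=]", "", split_body(message))
    return hashlib.sha256(kept.encode("ascii")).hexdigest()

# Constructed samples: the message as sent, the same message after a relay
# added a Received: line, switched to CRLF and padded a line, and a forgery.
ORIGINAL = (
    "From: alice@example.com\n"
    "Received: from a.example.com by b.example.com\n"
    "\n"
    "Hello list,\n"
    "this is the body.\n"
)
MANGLED = (
    "From: alice@example.com\r\n"
    "Received: from b.example.com by c.example.com\r\n"
    "Received: from a.example.com by b.example.com\r\n"
    "\r\n"
    "Hello list,   \r\n"
    "this is the body.\r\n"
    "\r\n"
)
FORGED = ORIGINAL.replace("this is the body.", "buy now!")
```

Neither scheme survives an MTA that re-wraps or re-encodes body lines, which is the residual weakness Deven points at; only whitespace and line-ending changes are absorbed here.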