On Jul 25, 2010, at 12:10 PM, Alessandro Vesely wrote:
> Hi Murray,
> Just brainstorming here...
> Yeah, we need some... However, I guess the hosting-list field has been
> stormed away as a side-effect :-) I cc ASRG -- you probably meant that one.
> What about a new body canonicalization called "simple-mime" (and maybe
> "relaxed-mime", with the obvious difference) that does the following:
> - adds to the signature a list of MIME types that defines the list of parts
>   that got signed and in which order
> If an attachment is dropped -- or replaced with some boilerplate about the
> types of allowed attachments -- it may still be useful to verify the integrity
> of the rest of the message.

The point of DKIM is not to verify the integrity of the message. That's just a
side-effect of protection against replay attacks.
We sign the body content in DKIM just to avoid replay attacks - where an
attacker takes a validly signed message and replaces the content with their own
or adds to the existing content without invalidating the signature.
If you allow any modification of the MIME structure - such as replacing an
attachment with some boilerplate - in a way that allows an attacker to add to
or modify the content that is accessible to the recipient without invalidating
the DKIM signature then you're opening up that attack vector.
Murray is talking about a canonicalization that's robust against encoding
changes, which is a very different thing.
Cheers,
Steve
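As an added illustration of the two positions in this exchange (my own example, not code from either poster): the block below implements RFC 6376 "relaxed" body canonicalization and the bh= body hash, runs it over a constructed multipart message before and after a gateway swaps the attachment for boilerplate, and beside it a hypothetical per-part hash list of the kind Alessandro sketches. The whole-body hash rejects any body change, which is the replay protection Steve describes; the per-part list can still vouch for the untouched text part but, by construction, says nothing about whatever content now occupies the replaced slot. The names build_message, per_part_hashes and verify_per_part are assumptions of this example, not any standard.

```python
import base64
import hashlib
import re
from email import message_from_string

def relaxed_body_canon(body: str) -> bytes:
    """RFC 6376 section 3.4.4 'relaxed' body canonicalization (CRLF input)."""
    lines = [re.sub(r"[ \t]+", " ", ln).rstrip(" \t") for ln in body.split("\r\n")]
    while lines and lines[-1] == "":  # ignore empty lines at the end of the body
        lines.pop()
    return ("\r\n".join(lines) + "\r\n").encode() if lines else b""

def body_hash(body: str) -> str:
    """The value DKIM carries in bh=: base64(SHA-256(canonicalized body))."""
    return base64.b64encode(hashlib.sha256(relaxed_body_canon(body)).digest()).decode()

def build_message(attachment: str) -> str:
    """Constructed sample multipart message, CRLF-terminated as on the wire."""
    b = "part-boundary"
    return "\r\n".join([
        f'Content-Type: multipart/mixed; boundary="{b}"', "",
        f"--{b}", "Content-Type: text/plain", "", "Please find the report attached.",
        f"--{b}", "Content-Type: application/octet-stream", "", attachment,
        f"--{b}--", "",
    ])

def whole_body_hash(raw: str) -> str:
    """What a DKIM signer commits to: a single hash over the entire body."""
    return body_hash(raw.split("\r\n\r\n", 1)[1])

def per_part_hashes(raw: str) -> list:
    """Hypothetical 'simple-mime' list: (content-type, hash) per leaf part, in order."""
    msg = message_from_string(raw)
    return [(p.get_content_type(), body_hash(p.get_payload()))
            for p in msg.walk() if not p.is_multipart()]

def verify_per_part(signed: list, received: list) -> list:
    """Check the signed list against the received one; a missing or changed part fails."""
    return [(ctype, i < len(received) and received[i] == (ctype, h))
            for i, (ctype, h) in enumerate(signed)]

original = build_message("REPORT-BYTES")
# A gateway replaced the attachment with a notice about the permitted attachment types.
stripped = build_message("Attachment removed: only text parts are permitted.")
print("whole-body hash still matches:", whole_body_hash(original) == whole_body_hash(stripped))
print("per-part result:", verify_per_part(per_part_hashes(original), per_part_hashes(stripped)))
```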
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg