[ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not ex

In the DKIM SSP draft, the following is stated:

  If the Sender Signing Policy record does not exist, verifier systems
  MUST assume that some messages from this entity are not signed and
  the message SHOULD NOT be considered to be Suspicious.

I'm wondering if this a safe policy to assert, especially in the
context of past SSP discussions on ietf-mailsig where the SSP may
need to be examined always, and not just for invalid signatures.

Why is it not safe?  Because a malicious domain can send out messages
with forged rfc2822.From addresses where the domain portion does not
have any SSP defined.  Therefore, when a DKIM verifier checks the
SSP for rfc2822.From, the message would not be considered suspicious
since no SSP record is available.

IMHO, if no SSP records is defined for the OA, then messages from
the OA must be considered to never be signed, and any signed message
should be considered suspicious.

--ewh
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft), Michael Thomas

Next by Date:

Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft), Eric Allman

Previous by Thread:

[ietf-dkim] How to solve replay with no specification changes, Hallam-Baker, Phillip

Next by Thread:

Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, John Levine

Indexes:

[Date] [Thread] [Top] [All Lists]