ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Not exactly not a threat analysis

2005-08-16 16:50:24
from [domainkeys-feedbackbase02] [Permanent Link] 
I am guessing here that the envelope address can be included in
the signature.  This allows a binding between the envelope data
and the message data.  May be useful in replay detection and
provides clear indication of what is presented in the envelope
vs the data (for forensic and auditing purposes).


This idea has been kicked around a few times. You can essentially audit the
changes in RCPT TO as the email transits the system and if an unbroken lineage
goes all the way back to the content - you know you have a bona-fide
non-reinjected message.

There are three issues with this: First the assumption that the first RCPT TO
is derived from 2822; second, multiple recipient mail - as an SMTP optimization
goes away; three, BCC: mail would need to include a BCC: header.


Mark.

_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] linkage between "originator" and "handling agent", Douglas Otis
Next by Date:  Re: [ietf-dkim] Not exactly not a threat analysis, Douglas Otis
Previous by Thread:  Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood
Next by Thread:  Re: [ietf-dkim] Not exactly not a threat analysis, Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]