
Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?

2005-08-26 15:20:25
Earl Hood wrote:

> On August 25, 2005 at 09:22, Jim Fenton wrote:
>> The intent of restricting third-party signatures is to prevent messages signed by mailing lists and the like (and particularly by attackers posing as such) from being considered verified if there isn't also a valid OA signature.
>
> Exactly.  This is why third-party signing should never be enabled.
> As DKIM is defined now, no OA should ever enable 3rd-party signing.

This means that any message that is modified in transit, such as those that pass through this mailing list, would never be considered valid. Some domains are more concerned with making sure their message gets through than with the possibility that a third-party signature might be exploited.

>> For those where this would matter, then making the assertion should be required.
>
> You are assuming that a domain owner is aware of DKIM.  When DKIM is
> deployed, you cannot require all domain owners to set up SSP records
> immediately.

I'm confused about who's saying what, apparently. I thought you (Earl) were advocating a default SSP of "I don't sign anything" which would require the SSP to be set up at the same time as the selectors.

> My statement refers to the default assumption made in the SSP draft
> about a non-existent SSP record.  The draft states,
>
>  If the Sender Signing Policy record does not exist, verifier systems
>  MUST assume that some messages from this entity are not signed and
>  the message SHOULD NOT be considered to be Suspicious.
>
> Nothing is said about a valid (non-OA) signature when no SSP record
> exists.

When the OA isn't signing everything, I don't understand how policy that relates to how others apply third-party signatures to those messages is useful.

> Earlier in the draft,
>
>  Verifiers checking messages that do not have at least one valid
>  signature MUST perform a Sender Signing Policy Check by doing a
>  DNS query to the domain specified by the Originator Address.
>
> Should it state, "do not have at least one valid *OA-based*
> signature..."?  Otherwise, if the only signature is a valid third-party
> signature, no SSP check is required.

I agree. That looks like a bug in the spec. An OA-based signature is required to bypass the SPC.

-Jim
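
The verifier decision the thread is picking apart, as an added example (not code from the thread, the draft or any DKIM implementation); the policy names, the Message type and the domains example.com / list.example.net are assumed for illustration:

```python
# Added example, not from the thread or the SSP draft: a model of the
# verifier decision being discussed. Policy names, the Message fields and
# the sample domains are assumptions made for illustration.
from dataclasses import dataclass
from enum import Enum


class Policy(Enum):
    NO_RECORD = "none"        # SSP lookup found no record
    SIGNS_SOME = "some"       # some messages from this domain are unsigned
    SIGNS_ALL = "all"         # all messages signed; third-party signatures tolerated
    SIGNS_ALL_OA_ONLY = "oa"  # all messages signed; only an OA signature counts


@dataclass
class Message:
    originator_domain: str  # domain of the Originator Address
    valid_signatures: list  # signing domains whose DKIM signature verified

    def has_oa_signature(self) -> bool:
        return self.originator_domain in self.valid_signatures


def is_suspicious(msg: Message, ssp: Policy, oa_required_to_skip: bool) -> bool:
    """Return True when the verifier should treat the message as Suspicious.

    oa_required_to_skip=False is the draft wording quoted above: any valid
    signature lets the verifier skip the SSP check. True is the correction
    proposed in the thread: only a valid OA-based signature skips it."""
    skip_check = (msg.has_oa_signature() if oa_required_to_skip
                  else bool(msg.valid_signatures))
    if skip_check:
        return False
    # Sender Signing Policy check; the DNS query is stood in for by `ssp`.
    if ssp in (Policy.NO_RECORD, Policy.SIGNS_SOME):
        return False  # draft: SHOULD NOT be considered Suspicious
    if ssp == Policy.SIGNS_ALL:
        return not msg.valid_signatures  # any valid signature satisfies "signs all"
    return not msg.has_oa_signature()  # SIGNS_ALL_OA_ONLY: third party does not count


# Constructed sample: a strict domain's message re-signed by a mailing list,
# so the only valid signature left is the list's (a third-party signature).
RELAYED = Message("example.com", ["list.example.net"])

if __name__ == "__main__":
    print(is_suspicious(RELAYED, Policy.SIGNS_ALL_OA_ONLY, False))  # False: check skipped
    print(is_suspicious(RELAYED, Policy.SIGNS_ALL_OA_ONLY, True))   # True: flagged
```

The first call shows the loophole Earl describes: a domain that published the strictest policy is never looked up because the list's signature verified; the second shows the proposed wording closing it.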

_______________________________________________
ietf-dkim mailing list
http://dkim.org