On Nov 15, 2005, at 10:07 PM, Jim Fenton wrote:
> Here are a few to think about:
> - Replay (reputation "joe-job" and advertising subcategories)
> - Body munging (attacks against canonicalization)
> - Mishandling of messages with broken signatures
> - Denial of service (several possibilities here)
> - Privacy (leaking info to sender about recipient)
> - Hash collisions
> - Private key mis-appropriation/theft
> - Publication of bogus key records
> - De-publication of legitimate key records
> - Look-alike domains (including internationalized domain names)

Are you intending to limit the scope of the replay problem?
It would seem the hash issue would be beyond the scope of this WG.
1) Timing-attack. See the threat review for where this may still
affect DKIM. (VM)
2+) DoS strategies preserving the name-space advantage offered by
DKIM. Can there be a slow response attack?
3) Multiple signatures.
4) Direct examination of signature header. (Preventing obfuscation
techniques)
5) Positional obfuscation (if SSP remains).
6) Isolating compromised systems. (The bane of the Internet.)
7) Response to new (throw-away) domains.
8) Key flooding.
9) Key delegation.
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org