ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Threat analysis kickoff

2005-11-16 12:49:32

On Nov 15, 2005, at 10:07 PM, Jim Fenton wrote:

Here are a few to think about:

- Replay (reputation "joe-job" and advertising subcategories)
- Body munging (attacks against canonicalization)
- Mishandling of messages with broken signatures
- Denial of service (several possibilities here)
- Privacy (leaking info to sender about recipient)
- Hash collisions
- Private key mis-appropriation/theft
- Publication of bogus key records
- De-publication of legitimate key records
- Look-alike domains (including internationalized domain names)

Are you intending to limit the scope of the replay problem?
It would seem the hash issue would be beyond the scope of this WG.

1) Timing-attack. See the threat review for where this may still affect DKIM. (VM)

2+) DoS strategies preserving the name-space advantage offered by DKIM. Can there be a slow response attack?

 3) Multiple signatures.

4) Direct examination of signature header. (Preventing obfuscation techniques)

 5) Positional obfuscation, (if SSP remains).

 6) Isolating compromised systems. (The bane of the Internet.)

 7) Response to new (throw-away) domains.

 8) Key flooding.

 9) Key delegation.

 -Doug










_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>