4.1. Attacks Against Message Signatures
...
| Chosen message replay | Low | M/H |
| Signed message replay | Low | High |
It is not clear how these two message replay exploits remain a low
impact. Obviously, just as with a compromised key, messages from a
bad actor accrue to the exploited domain. Neither a highly repeated
signature nor the From email address is a useful mechanism for detecting
these types of exploits. Valid messages sent from various types of
lists will exhibit the same characteristics as a message replay. Key
revocation, reputation, or accreditation will also be too slow to
respond to these exploits. If there is another explanation, then it
should be added in the respective sections.
Change to:
| Chosen message replay | Low* | M/H |
| Signed message replay | Low* | High |
* The low impact assessment assumes the signing domain's accrual is
not classified as a basis for acceptance.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html