Paul Hoffman wrote:
However, using such limits enables an attack in which a sender with
malicious intent modifies a message to include content that solely
benefits the attacker. It is possible for the appended content to
completely replace the original content in the end recipient's eyes and
to defeat duplicate message detection algorithms....
(dhc) I think the use of "sender" here refers to the signer, but it might
refer to the originator. I'm not sure. Who is really the source of the
threat?
It seems to be clearly that "sender" means "attacker" here. sender ->
attacker
hmm. yeah. but i guess the interesting part is that it means an entity that
handles the message after signing but before delivery. that means it is some
sort of post-signing intermediary (ummm, sender...)
> 5.1 Determine if the Email Should be Signed and by Whom
...
A SUBMISSION server MAY sign if the sender is authenticated by some
secure means, e.g., SMTP AUTH. Within a trusted enclave the signing
address MAY be derived from the header field according to local signer
policy. Within a trusted enclave an MTA MAY do the signing.>>>
(dhc) signer -> submitter
This one confuses me. Did you mean "if the sender is authenticated" ->
"if the submitter is authenticated"?
yes, sorry. i did mean sender -> submitter.
if the submitter is authenticated.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html