Re: [ietf-dkim] Eat all CR/LF - STRIP Canonicalization Method


----- Original Message -----
From: "Mark Delany" <MarkD+dkim(_at_)yahoo-inc(_dot_)com>
To: <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Tuesday, July 25, 2006 1:37 AM
Subject: Re: [ietf-dkim] Eat all CR/LF - STRIP Canonicalization Method

Right. But a bad guy can modify the original content and it will still
verify with STRIP.


I missed this subtle point.

The only thing that could be modified by El Malo,  are CR/LF characters.
Nothing else can be modified without destroying the signature.

We lose nothing from a STRIP method, as long as the original BODY hash is
added to the scheme to help detect original body integrity changes of any
kind.

What is gained in increase survivability of the signature hashing, something
we don't have now with any degree of confidence.

Look,  I can't help but think if it was anyone else making this suggestion,
you wouldn't be able to kept up with this thread.    What a shame, it is
more important to push out a faulty spec than to fix the problem to make
DKIM more robust and acceptable.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com









_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

RE: [ietf-dkim] The URL to my paper describing the DKIM policy options, Douglas Otis

Next by Date:

Re: [ietf-dkim] The URL to my paper describing the DKIM policy options, Michael Thomas

Previous by Thread:

Re: [ietf-dkim] Eat all CR/LF - STRIP Canonicalization Method, Hector Santos

Next by Thread:

Re: [ietf-dkim] Eat all CR/LF - STRIP Canonicalization Method, Stephen Farrell

Indexes:

[Date] [Thread] [Top] [All Lists]