ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Re: draft-ietf-dkim-base-09 submitted

2007-02-12 02:49:07


Frank Ellermann wrote:
Eric Allman wrote:

the changes are all responses to IESG comments.

I've certainly no clue what an "ASCII art attack" is (3.4.4).

Relaxed reduces runs of whitespace to one space. Say you have
a message with loads of spaces on the left of a line, with the
non-whitespace message (some spamtext) off to the right of the
screen. Now if you can get that signed (say via some bounce
processor or whatever), then you can remove those runs of
whitespace and have a viewable spam,e.g. "B U Y E LL ER MAN N".
I'm sure there're loads of variants.

Not a very compelling attack, but the feeling from IESG
comments was that adding the warning was useful enough.

Cheers,
S.
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>