ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] NEW ISSUE: Restriction to posting by first Author breaks email semantics

2007-12-11 06:56:22
Charles Lindsey wrote:
On Mon, 10 Dec 2007 14:57:14 -0000, Eliot Lear <lear(_at_)cisco(_dot_)com> 
wrote:

Dave,

     The underlying problem is with coupling the From field to the
DKIM signature.  At most, the Sender value should be used.


It would indeed be nice to use the Sender field, but I would be
concerned about the Sender field not at least matching one of the
domains of one of the RFC2822.From lines, lest someone attempt to bypass
the tests by inserting a Sender.  But then we need an extra rule in the
state machine.  Perhaps it is better to explicitly deprecate multiple
From lines?  As UIs have developed they really don't index well against
multiple From lines anyway.

I think if the Sender matches one of the From addresses, and is itself
signed, that should be regarded as a valid originator signature, even
though it doesn't match the first.

On the other hand, one could argue that this could be used as a form of
attack - that I Mr. Spammer insert a From line, a Sender line AND a
signature, with my main objective being to get mail in as some OTHER
From (like a bank or Ebay), knowing that a particular UI is only going
to represent (first|last) From.  Remember, a lot of this boils down to
how this stuff gets represented to the end user.  And I would argue that
an abundance of caution is needed, where we err on the side of
protecting the recipient.

In the end I stick with my preferred way forward: deprecate multiple
From lines.

Eliot
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>