On Tue, 18 Dec 2007 19:19:28 -0000, Douglas Otis <dotis(_at_)mail-abuse(_dot_)org>
wrote:
On the contrary, less confidence on what a true NO signature condition
provides.
This dubious strategy provides a significant incentive for bad actors to
insert "bogus" DKIM signatures.
Would it matter whether the signature hash is valid, but the signature
is not?
Would it matter whether the hash is wrong, but the signature matches
with the invalid hash?
What level of forensics should invalid signatures entail?
What is reasonable to expect of a DKIM verifier's resources?
That is a matter for the verifier to decide. It is none of our business.
If a verifier believes he can give a better service to his clients (fewer
false positives, perhaps) by distinguishing whether the failure was in the
body hash or in the header hash, or even by trying to reverse engineer the
changes that had caused the previously good signature to become bad, then
he is welcome to try.
The only way to ensure DKIM signatures are not abused requires NOT
giving _invalid_ signatures _any_ credit over that of _no_ signatures.
The base draft specifically declares "no" signature is equivalent to
"invalid" signatures. A means to ensure your outbound MTA is not seen
as producing "bogus" signatures requires removal of known invalid
signatures. This mode of protection therefore means advice given in the
DKIM base specifications regarding interpretation are ill-considered.
Some like to learn the hard way.
-1 (or even -99)
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
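
Added example (not part of the original message, and not code from any DKIM implementation): a verifier can record why a signature failed, body hash versus header signature, while the verdict handed to policy gives every failure the same standing as no signature. The function names are hypothetical, `header_sig_ok` stands in for the result of checking `b=` with a real crypto library, only "simple" body canonicalization with SHA-256 is handled, and the message and signature header are constructed.

```python
import base64
import hashlib
import re

def parse_tags(value):
    """Split a DKIM-Signature tag=value list into a dict."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def simple_body_hash(body):
    """base64(SHA-256) of the body under "simple" body canonicalization."""
    while body.endswith(b"\r\n"):      # drop trailing empty lines
        body = body[:-2]
    return base64.b64encode(hashlib.sha256(body + b"\r\n").digest()).decode()

def forensic_detail(sig_header, body, header_sig_ok):
    """Verifier-local diagnosis; header_sig_ok is the (assumed) result of
    checking b= against the signed headers with a real crypto library."""
    if sig_header is None:
        return "none"
    tags = parse_tags(sig_header)
    if not tags.get("bh") or not tags.get("b"):
        return "malformed"
    if tags["bh"] != simple_body_hash(body):
        return "body-hash-mismatch"
    if not header_sig_ok:
        return "header-signature-mismatch"
    return "pass"

def policy_verdict(detail):
    """Every failure kind gets the same standing as no signature at all."""
    return "signed" if detail == "pass" else "unsigned"

# Constructed sample message and signature header (not real mail).
BODY = b"Hello list.\r\n\r\n\r\n"
SIG = "v=1; a=rsa-sha256; d=example.org; s=sel; bh=%s; b=AAAA" % simple_body_hash(BODY)

if __name__ == "__main__":
    cases = [(None, BODY, False), (SIG, BODY, True),
             (SIG, BODY + b"footer\r\n", True), (SIG, BODY, False)]
    for sig, body, ok in cases:
        detail = forensic_detail(sig, body, ok)
        print(detail, "->", policy_verdict(detail))
```

The detail string is for the verifier's own logs; only the two-valued verdict would feed a filtering decision.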