ietf-dkim

Re: [ietf-dkim] Not an issue: multiple From headers

2008-06-19 09:32:57
On Wed, 18 Jun 2008, ietf-dkim-request(_at_)mipassoc(_dot_)org wrote:
[ not about ADSP, about DKIM ]

An acquaintance points out that one could prepend an extra From: or 
Subject: header to a DKIM signed message, which wouldn't break the 
signature, but would often be displayed by MUAs which show the new one 
rather than the old one.  Needless to say, that weakens the practical 
benefit of DKIM for people with MUAs like that.

It could break the signature.  Presumably the original message signed the 
first From: header field.  Depending on the placement of the new one, the 
verifier might use the new one or might use the old one.  That will affect 
the validation process.

My theory is that DKIM only applies to valid 2822 messages, and it's not 
a substitute for a sanity check for all the screwy things one can send 
in a non-conformant message.  Perhaps it would be a good idea someday to 
collect experience and advice into an implementation guide, but other 
than that, it's not our problem.  Agreed?

+1, and I would go even further to say that we should have an errata item 
against RFC4871 which says we should add that DKIM presumes a 
properly-formed RFC2822-style message, and that its application to other 
messages produces undefined results.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
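
The sanity check discussed in this thread, as an added Python example (not code from the list or from any DKIM implementation): it flags header fields that RFC 2822 allows at most once, and lists which instances a signature's h= tag leaves unsigned, using the bottom-up selection of RFC 4871 section 5.4. The sample message, its addresses and the function names are constructed for the example.

```python
from collections import Counter, defaultdict

# Fields RFC 2822 section 3.6 allows at most once per message.
SINGLETONS = {"date", "from", "sender", "reply-to", "to", "cc", "bcc",
              "message-id", "in-reply-to", "references", "subject"}

# Constructed sample: a signed message with an extra From: prepended in transit.
SAMPLE = (
    "From: Someone Else <other@example.net>\r\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\r\n"
    "\th=from:to:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
    "From: Alice <alice@example.com>\r\n"
    "To: bob@example.org\r\n"
    "Subject: hello\r\n"
    "Date: Thu, 19 Jun 2008 09:00:00 -0400\r\n"
    "\r\n"
    "body\r\n"
)

def header_names(raw):
    """Return header field names, top to bottom, lower-cased."""
    names = []
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    for line in head.split("\n"):
        if line[:1] in (" ", "\t"):      # folded continuation line
            continue
        name, sep, _ = line.partition(":")
        if sep:
            names.append(name.strip().lower())
    return names

def duplicated_singletons(raw):
    """Singleton fields that occur more than once (non-conformant message)."""
    counts = Counter(header_names(raw))
    return sorted(n for n in SINGLETONS if counts[n] > 1)

def unsigned_instances(raw, h_tag):
    """(position, name) of singleton fields h= does not cover; 0 is the top."""
    positions = defaultdict(list)
    for i, n in enumerate(header_names(raw)):
        positions[n].append(i)
    for n in (x.strip().lower() for x in h_tag.split(":")):
        if positions[n]:
            positions[n].pop()   # each h= entry consumes the bottom-most instance
    return sorted((i, n) for n in SINGLETONS for i in positions.get(n, []))
```

A receiver can treat a non-empty result from either function as grounds to reject or flag the message before showing any From: or Subject: value to the user.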