ietf-dkim

[ietf-dkim] DKIM does not claim content is correct

2009-01-27 13:49:45


Suresh Ramasubramanian wrote:
2. DKIM signs all the headers and validation of that hash tends to be
useful to verify grandma is who she is.  Or at least it's her, or it's
comrade botmaster who's just taken over grandma's PC.


This is a common misunderstanding of DKIM:

1. DKIM doesn't have to sign all the header fields.

2. Independent of how much or little it signs, a DKIM signature does not mean 
that any of the content is "valid", merely that data integrity has been 
maintained.  In particular, there is nothing that says that the author field 
accurately states who created the message.

What is delivered can be verified as what was sent.  But what was sent is still 
free to be incorrect.

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
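
An added example, not part of the original message: it reads the h= and d= tags of a DKIM-Signature field and reports which header fields a passing verification would cover and which it would not. The sample message, its domains and the PLACEHOLDER hash values are constructed; no cryptographic verification is performed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; bh= and b= are placeholders, not real values.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; d=lists.example.net; s=sel1;
 h=from:to:date; bh=PLACEHOLDER; b=PLACEHOLDER
From: Grandma <grandma@example.org>
To: family@example.com
Subject: Hello from grandma
Date: Tue, 27 Jan 2009 13:49:45 +0000
Reply-To: someone-else@example.info

Body text.
"""

def parse_tags(value):
    """Split a DKIM-Signature value into tag=value pairs (RFC 6376 tag-list)."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            # Folding whitespace inside a value is not significant.
            tags[key.strip()] = re.sub(r"\s+", "", val)
    return tags

def coverage(raw):
    """Report what the signature covers; says nothing about whether it verifies."""
    msg = message_from_string(raw)
    tags = parse_tags(msg["DKIM-Signature"])
    signed = {h.lower() for h in tags.get("h", "").split(":") if h}
    present = {k.lower() for k in msg.keys()} - {"dkim-signature"}
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    return {
        # d= names the signer; it need not be the domain in the From field,
        # and even when it is, the author field is not thereby shown accurate.
        "signing_domain": tags.get("d", "").lower(),
        "from_domain": from_domain,
        "signed": sorted(signed & present),
        # Fields absent from h= can be altered without breaking the signature.
        "unsigned": sorted(present - signed),
    }

if __name__ == "__main__":
    for key, val in coverage(SAMPLE).items():
        print(f"{key}: {val}")
```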