Steve Atkins wrote:
If a signer uses l=0 (or, given MIME games that can
be played, any other l= value) then the only thing you can say
about any validly signed message from that sender is that
the subject line of the message is the same as the subject line
of a message that sender signed. I don't think that's a useful
level of protection for any use case.
It means that I can, for example, take one copy of a service notice
from my bank, leave the headers the same and replace the URLs
in the body of the message to links to my website, then send it
out to a hundred thousand people - and it would be validly signed
by the bank. (The only user-visible content I wouldn't be able to
change is the subject line).
This sounds like a plausible and serious scenario. Even with l>0, it suggests
a
line of attack -- by adding malicious text that appears to be part of the bank
notice.
What is the counter-argument, in favor of retaining l= ?
Is there any evidence it is being used? Is there any evidence it is treated
usefully by receivers?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html