On May 20, 2009, at 2:17 PM, Michael Thomas wrote:
> Steve Atkins wrote:
>> Why would you want to sign email as something you vouched for,
>> while still enabling anyone to replace the content of the email
>> with something else without invalidating that signature?
> You can't replace it; you can only append to it.
That's likely wrong, depending on the details of the l= usage.
Firstly, one expressed use case for l= is "l=0" - in other words, don't sign any of the body. In that case I can put any body content in there I like, and it'll still be validly signed.
Another use case is to use l= to sign a text part of an email, but not to sign an attachment. In that case I can obviously replace the attachment with my own content, but depending on the details of the email structure I may well be able to replace the text section as rendered to the user as well.
Another use case is to set l= to the entire length of the email as sent. This case is a little less nonsensical than the others (though the supposed benefit it offers is not clear). I can still append raw content. Depending on the structure of the email I may well be able to have that appended content displayed in place of the original content. This is harder to exploit such that you can entirely replace the original content than the other cases, but given multipart mime and html there's no way I'd say it's impossible.
(And, if we're talking phishing attacks, which is one of the supposed risks, then I can put a very effective phishing attack in just the footer of a message anyway - the place people expect to find "Contact Us" or "Log in to your account" or "Secure your access" links).
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
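As an added illustration (editorial example, not part of the thread or any DKIM implementation), the Python below computes a DKIM body hash over the first l= octets of a "simple"-canonicalized body, as RFC 6376 describes, and shows that content appended beyond that point leaves the hash unchanged. The unsigned_tail function is an assumed verifier-side check for flagging such trailing content; RFC 6376 does not mandate it, and the sample bodies are constructed.

```python
import base64
import hashlib
from typing import Optional

def simple_body_canon(body: bytes) -> bytes:
    """RFC 6376 'simple' body canonicalization: normalize line endings to
    CRLF and reduce any run of trailing empty lines to a single CRLF."""
    body = body.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")
    while body.endswith(b"\r\n\r\n"):
        body = body[:-2]
    if not body.endswith(b"\r\n"):
        body += b"\r\n"
    return body

def body_hash(body: bytes, l: Optional[int] = None) -> str:
    """bh= value: base64(SHA-256) over the canonicalized body, truncated to
    the first l octets when an l= tag is present (l=0 hashes nothing)."""
    canon = simple_body_canon(body)
    if l is not None:
        canon = canon[:l]
    return base64.b64encode(hashlib.sha256(canon).digest()).decode()

def unsigned_tail(body: bytes, l: Optional[int]) -> int:
    """Octets of the canonicalized body that the signature does not cover.
    Assumed verifier-side check (not required by RFC 6376): a non-zero
    result means trailing content may have been added after signing."""
    if l is None:
        return 0
    return max(0, len(simple_body_canon(body)) - l)

# Constructed sample bodies: the signer sets l= to the full length as sent,
# then someone appends text in transit.
ORIGINAL_BODY = b"Hi Bob,\r\nPlease see attached.\r\n"
SIGNED_LENGTH = len(simple_body_canon(ORIGINAL_BODY))
APPENDED_BODY = ORIGINAL_BODY + b"(text appended after signing)\r\n"

if __name__ == "__main__":
    print("bh over l= octets, original:", body_hash(ORIGINAL_BODY, SIGNED_LENGTH))
    print("bh over l= octets, appended:", body_hash(APPENDED_BODY, SIGNED_LENGTH))
    print("unsigned trailing octets:", unsigned_tail(APPENDED_BODY, SIGNED_LENGTH))
```

Both hashes match, so the signature still verifies on the appended message; only the unsigned_tail count reveals that the body grew past what the signer covered.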