Re: [ietf-dkim] Features that could be reconsidered as part of the bis p

ietf-dkim

Re: [ietf-dkim] Features that could be reconsidered as part of the bis process

2009-05-20 19:57:59

Steve Atkins wrote:

On May 20, 2009, at 4:31 PM, Michael Thomas wrote:

Steve Atkins wrote:

On May 20, 2009, at 3:57 PM, Michael Thomas wrote:

Steve Atkins wrote:

Remember that we're considering the content of the message as    
displayed to the end user here,

No we're not. That has never been in the scope of the DKIM effort.

Even if it weren't section 8.1 of the existing RFC, it's pretty   
obvious that a security issue that allows an attacker to create a   
validly signed email with their own content without access to the   
associated private key would be in scope for discussion.

 They cannot alter the signed text.


They can't alter the signed *bytes*. They *can* alter the signed text.  
That's the crux of the issue.


No they can't. At least not without invalidating the signature.

Crux dismissed.

                Mike
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, (continued) Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Douglas Otis Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Michael Thomas Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Michael Thomas Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Michael Thomas Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Michael Thomas Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Michael Thomas <= Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Hector Santos Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, SM Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Murray S. Kucherawy Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Michael Thomas Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Douglas Otis Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Eliot Lear Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Eliot Lear Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Dave CROCKER Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Eliot Lear Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Dave CROCKER

Previous by Date:	Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins
Next by Date:	Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Douglas Otis
Previous by Thread:	Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins
Next by Thread:	Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Hector Santos
Indexes:	[Date] [Thread] [Top] [All Lists]