Re: [ietf-dkim] Why mailing lists should strip DKIM signatures

ietf-dkim

Re: [ietf-dkim] Why mailing lists should strip DKIM signatures

2010-04-28 13:55:33



On 4/28/2010 10:36 AM, Jeff Macdonald wrote:

I think this has been covered before. And maybe I misunderstood you
again, but just to be sure:

From:<someone(_at_)i-trust(_dot_)com>
DKIM-Signature: ... d=phisher-i-dont.com;

Say the signature validates. I'm pretty sure DKIM does not have any
assurances about the validity of the message contents, and that would
include the From header. It just validates that it came from the
signer.



The mere fact of signature validation must never, ever, ever, EVER be the basis 
for making a decision, except whether to pass the validation information on to 
a 
decision-making engine the employs ADDITIONAL information, such as reputation 
or 
independent registration (eg, an FBL.)

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] mailing list doc, was Wrong Discussion - was Why mailing lists should strip DKIM signatures, (continued) Re: [ietf-dkim] mailing list doc, was Wrong Discussion - was Why mailing lists should strip DKIM signatures, John Levine Re: [ietf-dkim] mailing list doc, was Wrong Discussion - was Why mailing lists should strip DKIM signatures, Murray S. Kucherawy [ietf-dkim] Broken signatures, was Why mailing lists should strip them, Alessandro Vesely Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them, SM Re: [ietf-dkim] Broken signatures, was Why mailing lists should strip them, Alessandro Vesely Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Jeff Macdonald Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Alessandro Vesely Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Jeff Macdonald Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Alessandro Vesely Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Jeff Macdonald Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Dave CROCKER <= Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Douglas Otis Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, McDowell, Brett Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, Murray S. Kucherawy Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, Douglas Otis Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, John Levine Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, Jeff Macdonald Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, Murray S. Kucherawy Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, McDowell, Brett Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, Dave CROCKER Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, McDowell, Brett

Previous by Date:	Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, John R. Levine
Next by Date:	Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures, Alessandro Vesely
Previous by Thread:	Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Jeff Macdonald
Next by Thread:	Re: [ietf-dkim] Why mailing lists should strip DKIM signatures, Douglas Otis
Indexes:	[Date] [Thread] [Top] [All Lists]