On 08/03/2010 06:40 PM, Murray S. Kucherawy wrote:
-----Original Message-----
From: Michael Thomas [mailto:mike(_at_)mtcc(_dot_)com]
Sent: Tuesday, August 03, 2010 9:21 AM
To: Murray S. Kucherawy
Cc: Rolf E. Sonneveld; ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] MLMs and the use of multipart/alternative to
preserve original DKIM signature and at the same time add a new DKIM
signature
But didn't we also say that such reverified signatures don't get any
additional meaning with 'z=' reprocessing?
Sorry, I don't understand.
I guess I don't either. You're saying use of "l=" and "z=" got your mail-through-lists signature
verification statistics up to 95%. However, RFC4871 says "Copied header field values are for diagnostic use" which I
interpret to mean (and I think discussion on the list back then also agreed) that the information in a "z=" tag isn't
supposed to contribute to the canonicalization algorithms, but instead can only be used for diagnostic purposes (i.e., "This
signature failed, and via the 'z=' we know why... but it still failed.").
Furthermore, the use of "l=" is discouraged in RFC4871 and in the MLM draft:
par. 3.5:
<quote>
INFORMATIVE IMPLEMENTATION WARNING: Use of the "l=" tag might
allow display of fraudulent content without appropriate
warning to end users. The "l=" tag is intended for
increasing signature robustness when sending to mailing lists
that both modify their content and do not sign their
messages. However, using the "l=" tag enables attacks in
which an intermediary with malicious intent modifies a
message to include content that solely benefits the attacker.
It is possible for the appended content to completely replace
the original content in the end recipient's eyes and to
defeat duplicate message detection algorithms. Examples are
described in Security Considerations (Section 8
<http://tools.ietf.org/html/rfc4871#section-8>). To avoid
this attack, signers should be extremely wary of using this
tag, and verifiers might wish to ignore the tag or remove
text that appears after the specified content length.
</quote>
and
<quote>
A possible mitigation to this incompatibility is use of the "l=" tag
to bound the portion of the body covered by the body hash, but this
not workable for [MIME] messages and moreover has security
considerations (see Section 3.5 of [DKIM]). Its use is therefore
discouraged.
</quote>
/rolf
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
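An added example, not part of the original thread or of any DKIM implementation: it shows why a body hash bounded by "l=" still matches after content is appended, and the two verifier responses the quoted RFC 4871 warning names (ignore the tag, or keep only the text within the specified length). The function names, the over-length policy and the sample message are assumptions made for illustration; only "simple" body canonicalization with SHA-256 is modelled, and the header signature is not checked.

```python
import base64
import hashlib
from typing import NamedTuple, Optional


class BodyCheck(NamedTuple):
    hash_ok: bool        # bh= matches the covered portion of the body
    uncovered: int       # canonicalized bytes the signature does not cover
    trusted_body: bytes  # the only bytes the body hash vouches for


def canon_simple(body: bytes) -> bytes:
    """'simple' body canonicalization: drop trailing empty lines, end in one CRLF."""
    while body.endswith(b"\r\n\r\n"):
        body = body[:-2]
    return body if body.endswith(b"\r\n") else body + b"\r\n"


def body_hash(body: bytes, length: Optional[int] = None) -> str:
    """Base64 SHA-256 over the canonicalized body, truncated to l= if given."""
    data = canon_simple(body)
    if length is not None:
        data = data[:length]
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def check_body(body: bytes, bh: str, length: Optional[int]) -> BodyCheck:
    """Pass length=None to ignore l= and hash the whole body."""
    data = canon_simple(body)
    # Policy chosen for this example: a claimed length longer than the body fails.
    if length is not None and length > len(data):
        return BodyCheck(False, 0, b"")
    if body_hash(body, length) != bh:
        return BodyCheck(False, 0, b"")
    covered = data if length is None else data[:length]
    return BodyCheck(True, len(data) - len(covered), covered)


# Constructed sample: a signer using l=, then content appended in transit.
ORIGINAL = b"Meeting moved to 3pm.\r\n"
APPENDED = b"-- \r\nAppended by an intermediary\r\n"
SIGNED_L = len(canon_simple(ORIGINAL))
SIGNED_BH = body_hash(ORIGINAL, SIGNED_L)

if __name__ == "__main__":
    print(check_body(ORIGINAL + APPENDED, SIGNED_BH, SIGNED_L))  # honours l=
    print(check_body(ORIGINAL + APPENDED, SIGNED_BH, None))      # ignores l=
```

A non-zero `uncovered` count is the signal to act on: display or pass on only `trusted_body`, or treat the message as unsigned.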