Mark Delany wrote:
On Fri, Aug 20, 2010 at 11:55:40AM -0700, Murray S. Kucherawy allegedly
I don't know what you mean by "binding". DKIM doesn't say From: has
to contain any particular value, only that it has to be one of the
signed fields.
I don't know about binding either,
hmmmmmmmmmm, I am surprise that I have to be put into an awkward
position to explain what "binding" means here as digital signature
term in what I thought was a technical qroup. Very odd.
It is a well understood computer term especially when talking about
hashing values and electronic signatures.
Google it:
binding hash signatures
Here is a hit that might help:
http://en.wikipedia.org/wiki/Digital_signature
Digital signatures cryptographically bind an electronic
identity to an electronic document .......
The term bind or binding is a commonly used in hashing ideas when you
want to associate parts, as in like Collections or Association Arrays.
For DKIM, when you hash the h= headers, you are technically binding
values, "entities", parts, to the signature. Changing any values
breaks the bind.
Since 5322.FROM is a required binding for DKIM, it means you can not
change the 5322.FROM without breaking the signature. This naturally
implies an digital signature binding assertion that can used for
security purposes.
I am surprise it is even questioned at this point. Very odd.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html