ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] draft-vesely-dkim-joint-sigs

2010-09-17 11:30:22
On 17/Sep/10 16:51, Ian Eiloart wrote:
--On 16 September 2010 09:49:40 -0700 "Murray S. Kucherawy" 
<msk(_at_)cloudmark(_dot_)com>  wrote:
 I'm worried about [partial signatures].  If people are encouraged not to
 sign Subject:, for example, which is a popular display header field, one
 could spamify that field and re-send the message.

 If you subscribe to the idea that a DKIM signature reflects a domain
 taking some responsibility for a message, I'd have a hard time not
 signing Subject: (or From:) for any reason.

I guess for this to work, the MLM admin needs to be looking for a good full
signature. Lists that don't rewrite the subject are going to work better
here, but more serious is the lack of signature for the body. Still, the
attack that you describe is fairly esoteric, and targetted specifically to
the list (remember, the sender can add a list-id header, and sign that!) It
may be too expensive to be profitable.

Ah, it wasn't clear to me that Murray meant re-sending the message 
/through the list/.  Yes, in that case the MLM cannot use the first 
signature to authenticate the author, unless an additional datum is 
also signed.  For example, if the first signature also covers Date or 
Message-ID, forgeries would be quite apparent.

Hey, how come message streams have no sequence numbers?
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html