Please don't CC me. I'm subscribed to the list.
Hector Santos wrote:
> Julian Mehnle wrote:
>> The trick is to list From twice in h=. This ensures more From headers
>> cannot be added without breaking the signature.
>
> Julian, this was explored and it does not matter. You can add N
> number of h=from: and N+1 is all that is needed in the security hole.

I don't get what you're saying.
I interpret RFC 4871, section 5.4 (actually, exactly the part you quoted
originally), such that signing a message that has a single From field
with h=From:From ensures that adding another From field will break the
signature. If you're saying there is a way to add a second From field to a
message thusly signed without breaking the signature, could you please
explain to me how?
-Julian
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
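
The header-selection rule from RFC 4871, section 5.4, that this message refers to, as an added example that is not part of the original message. It models only the selection of header fields named in h= (last instance first, a missing instance treated as the null string); a SHA-256 digest stands in for the real signature, canonicalization is skipped, and the addresses and function names are constructed for illustration.

```python
import hashlib

def select_headers(headers, h_tag):
    """Return the header fields fed to the signature hash for a given h= tag.

    Per RFC 4871 section 5.4, each occurrence of a name in h= consumes one
    instance of that field, working from the bottom of the header block up.
    A name listed more often than the field occurs yields the null string.
    """
    remaining = {}
    for idx, (name, _value) in enumerate(headers):
        remaining.setdefault(name.lower(), []).append(idx)
    selected = []
    for name in h_tag.split(":"):
        stack = remaining.get(name.strip().lower(), [])
        if stack:
            field, value = headers[stack.pop()]   # bottom-most unused instance
            selected.append(f"{field}:{value}\r\n")
        else:
            selected.append("")                   # non-existent field: null string
    return selected

def header_digest(headers, h_tag):
    """Stand-in for the signed data: a hash over the selected header fields."""
    data = "".join(select_headers(headers, h_tag))
    return hashlib.sha256(data.encode("utf-8")).hexdigest()

# Constructed sample: the header block as signed, top to bottom.
SIGNED = [("From", " alice@example.org"), ("Subject", " hello")]
# Constructed sample: the same block with an extra From field prepended in transit.
TAMPERED = [("From", " mallory@example.net")] + SIGNED

def survives(h_tag):
    """True if the prepended From field leaves the signed data unchanged."""
    return header_digest(SIGNED, h_tag) == header_digest(TAMPERED, h_tag)

if __name__ == "__main__":
    for h in ("From:Subject", "From:From:Subject"):
        verdict = "still verifies" if survives(h) else "signature breaks"
        print(f"h={h}: {verdict}")
```

With h=From:Subject the added field goes unnoticed because only the bottom-most From is hashed; with h=From:From:Subject the second From entry was signed as the null string, so the added field changes the signed data.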