ietf-dkim

Re: [ietf-dkim] ISSUE: 4871bis - Security Loop hole with Multiple 5322.From

2010-10-05 12:50:32
Please don't CC me.  I'm subscribed to the list.

Hector Santos wrote:
> Julian Mehnle wrote:
> > The trick is to list From twice in h=.  This ensures more From headers
> > cannot be added without breaking the signature.
>
> Julian, this was explored and it does not matter.  You can add N
> number of h=from: and N+1 is all that is needed in the security hole.

I don't get what you're saying.

I interpret RFC 4871, section 5.4 (actually, exactly the part you quoted 
originally), such that signing a message that has a single From field 
with h=From:From ensures that adding another From field will break the 
signature.  If you're saying there is a way to add a second From field to a 
message thusly signed without breaking the signature, could you please 
explain to me how?

-Julian
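The header-selection rule Julian refers to (RFC 4871, section 5.4: each name in h= consumes the next unused instance of that field counted from the bottom of the header block, and a name listed more times than it occurs selects nothing) can be checked mechanically. The following is an added example, not code from the thread or from any DKIM implementation; the message headers are constructed, and the canonicalization only approximates the "relaxed" algorithm and ignores the DKIM-Signature field itself.

```python
# DKIM header selection per RFC 4871 section 5.4 (added example, not from the thread).
# Names in h= are processed in order; each occurrence of a name selects the next
# unused instance of that field counted from the BOTTOM of the header block.
# A name listed more times than it occurs selects nothing, so "From:From" on a
# message with one From field leaves a slot that any later-added From would fill.

def select_headers(headers, h_tag):
    """headers: list of (name, value) in message order (top to bottom).
    Returns the ordered list of (name, value) that the verifier hashes."""
    used = set()
    selected = []
    for wanted in h_tag.split(":"):
        wanted = wanted.strip().lower()
        # Walk from the bottom, skipping instances already consumed.
        for idx in range(len(headers) - 1, -1, -1):
            if idx in used:
                continue
            if headers[idx][0].lower() == wanted:
                used.add(idx)
                selected.append(headers[idx])
                break
        # No remaining instance: the slot contributes nothing to the hash input.
    return selected

def relaxed_header_input(headers, h_tag):
    """Approximate relaxed canonicalization of the selected header fields:
    lowercase name, whitespace collapsed, CRLF terminated."""
    lines = []
    for name, value in select_headers(headers, h_tag):
        canon = " ".join(value.split())
        lines.append(f"{name.lower()}:{canon}\r\n")
    return "".join(lines)

# Constructed sample message as the author signed it.
ORIGINAL = [
    ("From", "alice@example.com"),
    ("To", "bob@example.org"),
    ("Subject", "hello"),
]
# Same message after a second From field is prepended in transit (constructed).
WITH_EXTRA_FROM = [("From", "second@example.net")] + ORIGINAL

def header_hash_input_changes(h_tag):
    """True if prepending the extra From alters what the verifier hashes,
    i.e. the signature no longer verifies."""
    return relaxed_header_input(ORIGINAL, h_tag) != relaxed_header_input(WITH_EXTRA_FROM, h_tag)

if __name__ == "__main__":
    print("h=From      breaks signature:", header_hash_input_changes("From"))
    print("h=From:From breaks signature:", header_hash_input_changes("From:From"))
```

With h=From alone the verifier still picks the bottom (original) From, so the hash input is unchanged and the added field goes unnoticed; with h=From:From the second slot now selects the added field and the signature fails.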


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html