"Dave CROCKER" <dhc(_at_)dcrocker(_dot_)net> wrote:
> On 10/5/2010 8:15 AM, Ian Eiloart wrote:
>>> It has been observed by implementations that it is possible to replay
>>> a message with a 2nd 5322.From header at the top which wouldn't break
>>> the DKIM signature validity, but would often be displayed by MUAs to
>>> display the new 5322.From display rather than the signature bound
>>> 5322.From header.
>>
>> Ouch. That's nasty. But wouldn't it be better to advise MUA vendors to
>> display the signed header? Are there really MUAs that will display the
>> unsigned headers *and* assert that it was validated? If so, that's surely a
>> bug in the implementation of the MUA.
>
> Your comments underscore the importance of being careful about what we expect
> from DKIM. As you note, if software is DKIM-aware, it also needs to be
> DKIM-intelligent.
>
> At a deeper level, there is a continuing problem with casting DKIM as a
> mechanism to "protect" a message. That's something that OpenPGP and S/MIME
> do; it's not something DKIM does. DKIM merely tries to do enough to ensure
> that the d= is valid, to provide a basis for reputation assessment.
>
> Hence, I recommend that this ISSUE be declined and closed.

Nack. DKIM also purports to provide assurance that the signed content of the
message is unmodified. I think mentioning that all instances of a header that
is signed should be used for signing and verification is a useful data point
for implementors.
Scott K
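
Added example, not part of the thread: a receiver-side check for the point above about covering all instances of a signed header. It compares how many times each name appears in the h= tag with how many instances the message carries; the function name and the sample message are constructed for illustration, and the signature itself is not verified.

```python
import email
import re
from collections import Counter

def unsigned_instances(raw: bytes) -> dict:
    """Map header name -> number of instances NOT covered by the h= tag.

    Only the first DKIM-Signature is examined, and the signature itself is
    not verified here; this checks header coverage only.
    """
    msg = email.message_from_bytes(raw)
    sig = msg.get("DKIM-Signature")
    if sig is None:
        return {}
    # Unfold the header, then split it into tag=value pairs.
    unfolded = re.sub(r"\r?\n[ \t]+", " ", sig)
    tags = {}
    for part in unfolded.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    # h= is a colon-separated list; a name listed n times covers n instances.
    names = tags.get("h", "").split(":")
    signed = Counter(n.strip().lower() for n in names if n.strip())
    present = Counter(n.lower() for n in msg.keys())
    return {n: present[n] - c for n, c in signed.items() if present[n] > c}

# Constructed sample: bh= and b= are placeholders, not real signature data.
SIGNED = (
    b"DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel1;\r\n"
    b" h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
    b"From: Alice <alice@example.com>\r\n"
    b"To: bob@example.net\r\n"
    b"Subject: Quarterly report\r\n"
    b"\r\n"
    b"Body text.\r\n"
)
# The replay from the thread: a second From added at the top of the message.
REPLAYED = b"From: Someone Else <other@example.org>\r\n" + SIGNED

if __name__ == "__main__":
    print("as signed:", unsigned_instances(SIGNED))
    print("replayed: ", unsigned_instances(REPLAYED))
```

A non-empty result means the message carries header instances that the signature does not bind, so a display layer should not present them as validated.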