Hector Santos wrote:
Julian Mehnle wrote:
I interpret RFC 4871, section 5.4 (actually, exactly the part you
quoted originally), such that signing a message that has a single
From field with h=From:From ensures that adding another From field
will break the signature. If you're saying there is a way to add a
second From field to a message thusly signed without breaking the
signature, could you please explain to me how?
You are correct. Adding a second from: to the h= tag:
"h=from:from:.........."
can address this. But no implementation does that.
I don't think this is a matter of implementation, but one of
*configuration*. Are there any DKIM implementations that *hard-code*
the value of h=?
In any case I think all that's warranted is adding an explicit note that
From should be included in h= twice, be it in a hard-coded (default)
value or in user-made configuration.
[...]
Obviously, the ease of this exploit is a concern. Any high value
domain mail can now be found and replayed with a phished or spoofed
2nd or more 5322.From:
Agreed. Assuming you're right and single-"From" h='s are indeed a
frequent configuration, then apparently the significance of this was
underestimated.
-Julian
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
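
As an added example (not part of the thread and not taken from any DKIM implementation), the sketch below models the header selection rule of RFC 4871 section 5.4 that the message discusses, and includes a lint check for whether an h= value lists From more often than the message contains it. The function names and the sample message are assumptions made for illustration; canonicalization and the actual hashing and signing are omitted, so the code compares only the header fields that would be fed to the hash.

```python
# Added example: simplified model of header selection (RFC 4871, section 5.4).
# Canonicalization and cryptography are omitted; we compare the sequence of
# header fields that would be fed to the hash at signing and at verification.

def parse_h(h_tag):
    """Split an h= tag value into lower-cased field names."""
    return [n.strip().lower() for n in h_tag.split(":") if n.strip()]

def select_signed_fields(h_tag, headers):
    """headers: list of (name, value) in top-to-bottom message order.
    For each name in h=, take the next unused instance counting from the
    bottom of the header block; a missing instance contributes None."""
    remaining = {}
    for name, value in headers:
        remaining.setdefault(name.lower(), []).append(value)
    selected = []
    for name in parse_h(h_tag):
        stack = remaining.get(name, [])
        selected.append((name, stack.pop() if stack else None))
    return selected

def added_field_breaks_signature(h_tag, signed, received):
    """True if the hash input differs between signing and verification."""
    return (select_signed_fields(h_tag, signed)
            != select_signed_fields(h_tag, received))

def oversigned(h_tag, headers, name="from"):
    """Lint check: h= lists `name` more times than it occurs in the message."""
    present = sum(1 for n, _ in headers if n.lower() == name)
    return parse_h(h_tag).count(name) > present

# Constructed sample message (not from the thread).
SIGNED = [("From", "billing@example.com"), ("To", "user@example.net"),
          ("Subject", "Invoice")]
# The same message carrying an additional From field above the signed one.
RECEIVED = [("From", "other@example.org")] + SIGNED

if __name__ == "__main__":
    for h in ("from:to:subject", "from:from:to:subject"):
        print(h, "| oversigned:", oversigned(h, SIGNED),
              "| addition detected:",
              added_field_breaks_signature(h, SIGNED, RECEIVED))
```
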