-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of John R. Levine
Sent: Wednesday, October 06, 2010 6:17 AM
To: Steve Atkins
Cc: DKIM List
Subject: Re: [ietf-dkim] THIS IS A MULTIPLE 5322.FROM MESSAGE
Recall that the original question was about a valid message with a
valid signature, which the attacker mutated by adding an extra header
that makes it an invalid message with a signature that still
mechanically verifies.
Who's responsible for it now?
Is it DKIM's job to make the verification fail, or is it an MUA's job
to do something reasonable with malformed messages?
Yeah, this just occurred to me as well. Any application (signer/verifier, spam
filter, MLM, user agent, whatever, even if it has nothing to do with DKIM) that
bases its actions on header fields but doesn't check for valid format first may
have this vulnerability in some form. For example, an MLM that authenticates a
poster based on one From: field while MUAs might render a different one has the
very same problem.
Trying to deal with this in 4871bis almost seems pointless when the issue is
scaled that far.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html