On Friday, October 08, 2010 01:41:15 pm Murray S. Kucherawy wrote:
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Scott
Kitterman
Sent: Friday, October 08, 2010 10:01 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] detecting header mutations after signing
We want to re-submit DKIM Signing to Proposed Standard, in order to fix
an edge condition that is only a theoretical issue and only fixes a
problem that is actually outside of the scope of what DKIM is trying
to achieve?
Detecting modification in transit is outside the scope of what DKIM is
trying to achieve?
Doesn't DKIM try to detect modification of the portion covered by the
hashes, which is unchanged in this scenario?
For what I view as a very abstract definition of unchanged, sure. I think
adding additional From or Subject does change the content of the message From
or Subject. If one takes the view that we've defined things such that this is
OK from a protocol definition perspective, so it's not an issue, I think we've
lost sight of the original goal of this requirement in the protocol.
I think that this can be dealt with through an additional security
consideration and doesn't have to disrupt the rush to get this advanced
through the standards process.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
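
Added example, not part of the original thread or of any DKIM implementation: a receiver-side check for the scenario discussed above, where an extra From or Subject is added after signing and the signature still verifies because the h= tag covers only one instance of each. The sample messages, addresses and the function names signed_header_counts and unsigned_extras are constructed for illustration; the bh= and b= values are placeholders, so no cryptographic verification is attempted.

```python
import re
from collections import Counter
from email import message_from_string

def signed_header_counts(dkim_value):
    """Count how many instances of each header name the h= tag covers."""
    compact = re.sub(r"\s+", "", dkim_value)  # unfold and drop folding whitespace
    tags = dict(t.split("=", 1) for t in compact.split(";") if "=" in t)
    return Counter(n.lower() for n in tags.get("h", "").split(":") if n)

def unsigned_extras(raw_message):
    """Return {header: n} for names listed in h= that occur n more times
    in the message than the signature covers (instances outside the hash)."""
    msg = message_from_string(raw_message)
    present = Counter(k.lower() for k in msg.keys())
    extras = {}
    for sig in msg.get_all("DKIM-Signature", []):
        for name, covered in signed_header_counts(sig).items():
            surplus = present[name] - covered
            if surplus > 0:
                extras[name] = max(extras.get(name, 0), surplus)
    return extras

# Constructed sample data (not real mail).
SIG = ("DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\n"
       " h={h}; bh=PLACEHOLDER; b=PLACEHOLDER\n")
SIGNED = ("From: Alice <alice@example.com>\n"
          "Subject: Quarterly report\n"
          "Date: Fri, 08 Oct 2010 10:01:00 -0400\n\nbody\n")
ADDED = ("From: Someone Else <other@example.net>\n"
         "Subject: Different subject\n")

ORIGINAL = SIG.format(h="from:subject:date") + SIGNED
# Headers prepended after signing: the signed (last) instances are untouched.
MUTATED = ADDED + ORIGINAL
# Signer listed From and Subject twice in h=, so every instance is hashed and
# the added ones are caught by normal signature verification instead.
OVERSIGNED = ADDED + SIG.format(h="from:from:subject:subject:date") + SIGNED

if __name__ == "__main__":
    for label, raw in (("original", ORIGINAL), ("mutated", MUTATED),
                       ("oversigned", OVERSIGNED)):
        print(label, unsigned_extras(raw))
```

An empty result for the over-signed case means every instance falls under the header hash, so the added headers would make the signature fail to verify rather than pass unnoticed.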