Re: [ietf-dkim] detecting header mutations after signing

ietf-dkim

Re: [ietf-dkim] detecting header mutations after signing

2010-10-09 14:50:09

John R. Levine wrote:

I don't see incentives to spoof:

    MIME-Version
    Content-Type

What are the gains?


This has been discussed at great length.  Please consult the list archives.


Thanks - you couldn't summarize or its too hard to explain?

I can search, certainly not consult.   But let me "consult" GOOGLE:

      MIME-Version Exploits IETF-DKIM

Without going nuts looking all the results, I see whats in 4871 section

     8.1.1.  Addition of New MIME Parts to Multipart/*

and this seems about the l= body size issue which most people already 
agreed is a bad idea.

I don't see how the 5322.Mime-Version header can be exploited.

Anyway, never mind.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] detecting header mutations after signing, (continued) Re: [ietf-dkim] detecting header mutations after signing, Wietse Venema Re: [ietf-dkim] detecting header mutations after signing, Murray S. Kucherawy Re: [ietf-dkim] detecting header mutations after signing, Wietse Venema Re: [ietf-dkim] detecting header mutations after signing, Jeff Macdonald [ietf-dkim] Inadvertent Spoof, Hector Santos Re: [ietf-dkim] Inadvertent Spoof, Jeff Macdonald Re: [ietf-dkim] Inadvertent Spoof, Hector Santos Re: [ietf-dkim] detecting header mutations after signing, John R. Levine Re: [ietf-dkim] detecting header mutations after signing, Hector Santos Re: [ietf-dkim] detecting header mutations after signing, John R. Levine Re: [ietf-dkim] detecting header mutations after signing, Hector Santos <= Re: [ietf-dkim] detecting header mutations after signing, MH Michael Hammer (5304) Re: [ietf-dkim] detecting header mutations after signing, Charles Lindsey Re: [ietf-dkim] detecting header mutations after signing, Wietse Venema Message not available Re: [ietf-dkim] detecting header mutations after signing, Charles Lindsey Re: [ietf-dkim] detecting header mutations after signing, Murray S. Kucherawy Re: [ietf-dkim] detecting header mutations after signing, Jeff Macdonald [ietf-dkim] What DKIM provides, again, Murray S. Kucherawy Re: [ietf-dkim] What DKIM provides, again, Jeff Macdonald Re: [ietf-dkim] What DKIM provides, again, Michael Thomas Re: [ietf-dkim] What DKIM provides, again, Jeff Macdonald

Previous by Date:	Re: [ietf-dkim] detecting header mutations after signing, John R. Levine
Next by Date:	Re: [ietf-dkim] detecting header mutations after signing, Charles Lindsey
Previous by Thread:	Re: [ietf-dkim] detecting header mutations after signing, John R. Levine
Next by Thread:	Re: [ietf-dkim] detecting header mutations after signing, MH Michael Hammer (5304)
Indexes:	[Date] [Thread] [Top] [All Lists]