ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] detecting header mutations after signing

2010-10-11 17:08:37
from [Wietse Venema] [Permanent Link] 
Charles Lindsey:

When the bad guy sends mail with (multiple) forged headers, the
best they can get is that naive mail programs render their forged
header with an indication that THE BAD GUY'S DKIM SIGNATURE VERIFIED.

Sending forged headers with bad guy's DKIM signatures is not an
interesting attack on DKIM.


On the contrary, it is an exceedingly interesting attack.


If you believe that sending mail with a valid bad guy signature is
an interesting attack on DKIM, then that implies that you're willing
to believe mail that is signed by arbitrary strangers.  That is a
problem that DKIM is not designed to solve.

        Wietse
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] I-D Action:draft-ietf-dkim-implementation-report-03.txt, Murray S. Kucherawy
Next by Date:  Re: [ietf-dkim] detecting header mutations after signing, Dave CROCKER
Previous by Thread:  [ietf-dkim] I-D Action:draft-ietf-dkim-implementation-report-03.txt, Internet-Drafts
Next by Thread:  Re: [ietf-dkim] detecting header mutations after signing, Dave CROCKER
Indexes:  [Date] [Thread] [Top] [All Lists]