On 10/11/10 3:05 PM, Wietse Venema wrote:
Charles Lindsey:
When the bad guy sends mail with (multiple) forged headers, the
best they can get is that naive mail programs render their forged
header with an indication that THE BAD GUY'S DKIM SIGNATURE VERIFIED.
Sending forged headers with bad guy's DKIM signatures is not an
interesting attack on DKIM.
On the contrary, it is an exceedingly interesting attack.
If you believe that sending mail with a valid bad guy signature is
an interesting attack on DKIM, then that implies that you're willing
to believe mail that is signed by arbitrary strangers. That is a
problem that DKIM is not designed to solve.
Use of a pre-pended From could be for services(_at_)big-bank(_dot_)com, where
the
valid signature could be for someone(_at_)big-ips(_dot_)com(_dot_) It seems
important to
keep this from being an attack vector, as bad actors might send
themselves their messages to replay them in a deceptive fashion. Its
not hard to imagine this becoming a problem. It also seems unlikely to
have messages from a large provider blocked when a few of their messages
are used in an attack that they did not directly issue.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html