ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] detecting header mutations after signing

2010-10-11 18:05:36
  On 10/11/10 3:05 PM, Wietse Venema wrote:
Charles Lindsey:
When the bad guy sends mail with (multiple) forged headers, the
best they can get is that naive mail programs render their forged
header with an indication that THE BAD GUY'S DKIM SIGNATURE VERIFIED.

Sending forged headers with bad guy's DKIM signatures is not an
interesting attack on DKIM.
On the contrary, it is an exceedingly interesting attack.
If you believe that sending mail with a valid bad guy signature is
an interesting attack on DKIM, then that implies that you're willing
to believe mail that is signed by arbitrary strangers.  That is a
problem that DKIM is not designed to solve.
Use of a pre-pended From could be for services(_at_)big-bank(_dot_)com, where 
the 
valid signature could be for someone(_at_)big-ips(_dot_)com(_dot_)  It seems 
important to 
keep this from being an attack vector, as bad actors might send 
themselves their messages to replay them in a deceptive fashion.  Its 
not hard to imagine this becoming a problem.  It also seems unlikely to 
have messages from a large provider blocked when a few of their messages 
are used in an attack that they did not directly issue.

-Doug


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html