On 14/Oct/10 00:22, Jim Fenton wrote:
> Insert prior to current section 6.1.2 (which becomes 6.1.3, etc.):
>
> 6.1.1 Validate the Message Syntax
>
> The verifier SHOULD meticulously validate the format of the message
> being verified against the requirements specified in [RFC5322],
> [RFC2045], and [RFC2047]. In particular, limitations on the number of
> occurrences of particular header fields specified in [RFC5322] section
> 3.6 SHOULD be verified. Messages found to be in violation of these
> checks MUST return a PERMFAIL (message syntax error) verification result.

-1

If we go for changing the protocol in order to avoid the exploit, we
should explicitly enumerate the header fields whose duplication
verifiers MUST check. "SHOULD meticulously validate" + "MUST return
PERMFAIL" make for a fuzzy protocol.
The spec should also state whether duplicated fields invalidate a
signature even when they are duly signed. Finally, it does make sense
to duplicate fields in h= as stated in -02's 8.14, because that's the
only way to guard against the exploit in case the destination's
verifier is coded according to the previous protocol version.
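
An added example, not part of the original message or of any DKIM implementation: a Python check for the two points raised in this thread, namely which header fields RFC 5322 section 3.6 limits to one occurrence, and whether a signature's h= tag lists such a field more often than it occurs so that a later-added instance breaks the signature. Function names and the sample messages are constructed for illustration.

```python
from collections import Counter

# Fields that the RFC 5322 section 3.6 table limits to at most one occurrence.
SINGLETON_FIELDS = frozenset({
    "date", "from", "sender", "reply-to", "to", "cc", "bcc",
    "message-id", "in-reply-to", "references", "subject",
})

def header_field_names(raw_message: bytes) -> list[str]:
    """Lower-cased field names in order; stops at the blank line before the body."""
    head = raw_message.split(b"\r\n\r\n", 1)[0]
    names = []
    for line in head.split(b"\r\n"):
        if line[:1] in (b" ", b"\t"):      # folded continuation of previous field
            continue
        name, sep, _ = line.partition(b":")
        if sep:
            names.append(name.strip().decode("ascii", "replace").lower())
    return names

def duplicated_singletons(raw_message: bytes) -> list[str]:
    """Singleton fields that occur more than once (the proposed PERMFAIL case)."""
    counts = Counter(header_field_names(raw_message))
    return sorted(n for n, c in counts.items() if n in SINGLETON_FIELDS and c > 1)

def unguarded_fields(raw_message: bytes, h_tag: str) -> list[str]:
    """Signed singleton fields that h= does not list more often than they occur.

    Listing a name one extra time in h= signs the absence of a further
    instance, so adding one after signing invalidates the signature.
    """
    present = Counter(header_field_names(raw_message))
    signed = Counter(f.strip().lower() for f in h_tag.split(":") if f.strip())
    return sorted(n for n in signed
                  if n in SINGLETON_FIELDS and signed[n] <= present[n])

# Constructed sample: two From fields, a folded Subject, and a body line
# that looks like a header field but must not be counted.
DUPLICATED = (b"From: first@example.net\r\nFrom: second@example.com\r\n"
              b"To: rcpt@example.org\r\nSubject: hello\r\n folded: text\r\n"
              b"Date: Thu, 14 Oct 2010 00:22:00 +0000\r\n\r\nFrom: body line\r\n")
CLEAN = b"From: a@example.com\r\nTo: b@example.org\r\nSubject: hi\r\n\r\nbody\r\n"

if __name__ == "__main__":
    print(duplicated_singletons(DUPLICATED))
    print(unguarded_fields(CLEAN, "from:to:subject"))
    print(unguarded_fields(CLEAN, "from:from:to:subject"))
```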