On 10/15/10 2:10 PM, Wietse Venema wrote:
> MH Michael Hammer (5304):
> > On Friday, October 15, 2010 11:59 AM, Bill Oxley wrote:
> > > Well a broken signature is morally equivalent to unsigned so I'm
> > > not sure of the potential harm...
> > And this is where I angst. In all the discussions of a broken
> > signature being morally equivalent to unsigned, the thrust has been
> > that it was likely broken in transit. We failed to have the
> > discussion of it being intentionally broken in transit as an
> > attempt to game the system. For header mutations after signing
> > (which are likely to be a malicious attempt in the specific cases
> > we have been discussing) I feel that treating it as simply the same
> > as unsigned is ignoring the potential maliciousness.
> I'm sure this was discussed before, but perhaps a refresher helps.
> How would the DKIM validator know the difference between:
> A: The message had a valid signature, but it was broken after
> signing.
> B: The message is a forgery with a bogus signature.
> If the DKIM validator cannot make that distinction, then the bad guys
> will do B and the validator will treat it as A.
Email is not handled in one step. Upstream processes may improperly
handle messages on the basis of DKIM where a signature might be
improperly considered valid with an unsigned pre-pended From header
field. This would be due to the verification process not being
explicit. Had the process been explicit, it is likely the message would
have been refused. It is not safe to assume prior processing would have
considered such a message to have had an invalid signature. The best
method to handle this situation would be to refuse the message. An
invalid signature without multiple From header fields is considerably
different and has many innocuous causes.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
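The case Doug describes, a second From field prepended after signing so that the signature still verifies over the original From while a reader sees the new one, can be checked structurally before a verifier's cryptographic result is trusted. The Python below is an added example written for this thread, not code from the list, from any DKIM implementation, or from the RFC; it assumes the cryptographic verification (DNS lookup, RSA check) has been done elsewhere and is passed in as a boolean, implements only the bottom-up header selection rule of RFC 6376 section 5.4.2, and applies the policy from the thread: refuse a message with multiple From fields, treat a broken signature on a single-From message as unsigned. Both message texts are constructed samples.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample: one From field, signed with h=from:to:subject.
ORIGINAL = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\n"
    " h=from:to:subject; bh=BODYHASH; b=SIG\n"
    "From: alice@example.com\n"
    "To: bob@example.net\n"
    "Subject: invoice\n"
    "\n"
    "body\n"
)

# Constructed sample: the same message with a From field prepended after
# signing. RFC 6376 5.4.2 selects the LAST (lowest) From for the h= tag, so
# the signature still covers alice@, but a reader sees ceo@.
MUTATED = "From: ceo@example.com\n" + ORIGINAL


def parse_headers(raw: str) -> List[Tuple[str, str]]:
    """Split an RFC 5322 header block into (name, value) pairs, unfolding continuations."""
    fields: List[Tuple[str, str]] = []
    for line in raw.split("\n"):
        if not line.strip():
            break  # blank line ends the header block
        if line[0] in " \t" and fields:
            name, value = fields[-1]
            fields[-1] = (name, value + " " + line.strip())
        else:
            name, _, value = line.partition(":")
            fields.append((name.strip().lower(), value.strip()))
    return fields


def dkim_tags(value: str) -> Dict[str, str]:
    """Parse the tag=value list of a DKIM-Signature header value."""
    tags: Dict[str, str] = {}
    for part in value.split(";"):
        if "=" in part:
            k, _, v = part.partition("=")
            tags[k.strip()] = re.sub(r"\s+", "", v)
    return tags


def signed_indices(fields: List[Tuple[str, str]], h_tag: str) -> List[int]:
    """Indices of the header instances an h= tag covers, chosen bottom-up as in RFC 6376 5.4.2.

    Each name in h= consumes one not-yet-used instance, searching from the end
    of the header block upwards. A name listed more times than it appears is
    the "over-signing" trick: the extra occurrence binds to an empty field,
    so any field added later breaks the signature.
    """
    available = list(range(len(fields)))
    chosen: List[int] = []
    for name in h_tag.lower().split(":"):
        for pos in range(len(available) - 1, -1, -1):
            if fields[available[pos]][0] == name:
                chosen.append(available.pop(pos))
                break
    return chosen


def uncovered_from(raw_message: str) -> List[str]:
    """From field values that no DKIM-Signature in the message actually covers."""
    fields = parse_headers(raw_message)
    covered = set()
    for name, value in fields:
        if name == "dkim-signature":
            covered.update(signed_indices(fields, dkim_tags(value).get("h", "")))
    return [v for i, (n, v) in enumerate(fields) if n == "from" and i not in covered]


def classify(raw_message: str, signature_ok: bool) -> str:
    """Policy from the thread. signature_ok is the result of a separate crypto check."""
    fields = parse_headers(raw_message)
    froms = [v for n, v in fields if n == "from"]
    sigs = [v for n, v in fields if n == "dkim-signature"]
    if len(froms) > 1:
        # Multiple From fields: RFC 5322 allows exactly one, and an extra one
        # above the signed instance is unsigned. Refuse regardless of crypto.
        return "refuse"
    if not sigs:
        return "unsigned"
    if not signature_ok:
        # Single From with a broken signature has many innocuous causes.
        return "treat-as-unsigned"
    return "pass"


if __name__ == "__main__":
    print("original:", classify(ORIGINAL, True), uncovered_from(ORIGINAL))
    print("mutated: ", classify(MUTATED, True), uncovered_from(MUTATED))
```

The key observation is in `uncovered_from`: on the mutated message the signature's `h=from` binds to the lower `alice@` instance, so a verifier that only reports "signature valid" is reporting a fact about a From field the recipient never sees. A signer can close the gap by listing `from` twice in `h=` so that `signed_indices` consumes both instances and the prepended field breaks the signature; a verifier should still refuse on duplicate From independently of that.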