ietf-dkim
[Top] [All Lists]

[ietf-dkim] DKIM Component Responsibility

2010-10-18 15:21:09
Murray S. Kucherawy wrote:

Current implementations, especially the two library ones that 
are referenced most often in here, haven't the functionality to 
cause header fields to be removed, prefixed, reordered, modified, 
etc.  This change would require them to be overhauled to extend 
their reach into what the MTA can do.  That expansion of scope 
of "DKIM process" to me requires a recycle at Proposed Standard.

What started all this is one of these API dealing with it with the 
verification and I pointing this out.  However, we did not know why it 
did this and we later found out.

Their solution was only on the verification side with an added 
requirement that all 5322.From be signed - the default behavior.

So any belated injection of a 5322.From header would invalidate the 
signature which I believe will cover the majority of the loophole.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>