On 20/Oct/10 19:48, Douglas Otis wrote:
On 10/20/10 7:27 AM, Alessandro Vesely wrote:
For example, the initial paragraph of section 5.4 could be
modified so as to read:
The From header field MUST be signed; that is, it MUST be included
at least once in the "h=" tag of the resulting DKIM-Signature
header field, and SHOULD be included twice (see Section 8.14). In
addition, the signer MUST ensure that at most one instance of the
From field actually exists in the header.
[...]
Verifiers would then discard any From field after the first one,
whether signed or not.
While this represents a defensive posture that might be used prior to
DKIM reliably returning PERMFAIL when multiple From header fields are
contained within the message, it only thwarts half of the threat
created by multiple From header fields. As both Charles and I have
illustrated:
DKIM-Signature: d=Big-IPS.com; h=from; (supposedly)...
From Accounts(_at_)Big-Bank(_dot_)com
From Someone(_at_)Big-IPS(_dot_)com
Subject: Audit notification
<body of text saying anything>
This message could be sent directly, or distributed by replaying it to
millions of recipients.
In my hypothesis, a verifier would discard the 2nd "From
Accounts(_at_)Big-Bank(_dot_)com", at least for hashing purposes. If they were
both signed, PERMFAIL would result from a mismatch in the header-hash.
If Big-Bank had been added after signing, verifiers are already
authorized to delete that field from the message, according to the
current PS. Isn't that enough?
Further thwarts can be specified in some ADSPbis, eventually. In
particular:
DKIM-Signature: d=Big-IPS.com; h=from; ...
From: Someone(_at_)Big-IPS(_dot_)com, Accounts(_at_)Big-Bank(_dot_)com
Subject: Audit notification
... (missing Sender)
Nothing Big-Bank.com might do with their signing mitigates this variant
of the double From header field attack. The ONLY sure method is to
ensure DKIM always returns PERMFAIL when multiple From header fields are
detected, whether both or one of them are signed.
I don't think the spec should impose surplus security. The minimal
layer violation quoted above might be forgiven after considering the
importance of the From field for DKIM.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html