ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Ticket 23 -- l= and Content-type

2011-04-29 14:17:23
   1. This is just a variant of the basic hole created by use of l=

   2. The premise that having the l= go to a multipart boundary somehow
increases security is simply wrong.  More generally, the idea that one or
another tidbit might tighten things a bit, l= opens such a huge door, the 
small
tidbits don't matter.

On further consideration, I'm with Dave.  Suggest removing the current 
language about l= and MIME boundaries, and replace with a note that if you 
use l=, added content can change the appearance of a message in hard to 
anticipate ways.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet 
for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>