I actually like Charles's edits except for one paragraph, and, as a
participant, would be happy to change 8.15 accordingly. The one
problem paragraph is this one:
On Wed, Jul 6, 2011 at 7:17 AM, Charles Lindsey
<chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk> wrote:
...
Recall that, when multiple instances of a given header field are
present, they are signed starting with the last one and working
upwards (section 5.4.2). A variety of attacks taking advantage of
this feature can be envisaged. In some, the attacker is himself the
signer, signing the second of some duplicated field on behalf of his
own domain, whilst hoping that some lenient MUA will display only the
first. In others, a genuine signature from the domain under attack is
obtained by legitimate means, but extra header fields are then added,
either by interception or by replay.
As Pete has pointed out -- and has he's adamant about -- the signer
can't attack... that is, DKIM can't do anything about "attacks" by the
signer. And that's as Charles's text itself points out. So I'd be
happy merging just the last sentence with the next paragraph, and
eliminating the rest:
"A genuine signature from the domain under attack can be obtained by
legitimate means, but extra header fields can then be added, either by
interception or by replay. In this scenario DKIM can aid in
detecting such addition of specific fields in transit. This is done
by having the signer list the field name(s) in the "h=" tag an extra
time [...etc...]"
Barry, as participant
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html