On Wed, 6 Jul 2011, Barry Leiba wrote:
As Pete has pointed out -- and has he's adamant about -- the signer
can't attack... that is, DKIM can't do anything about "attacks" by the
signer.
Under the double-From: exploit Otis is so concerned about, one signer can
(given favorable winds) trick an end-user into thinking his message was
signed properly *by someone else*. So indeed, a signer can attack.
Although I still don't agree with Otis' demands for extra language in the
RFC. Really, his case would make sense if there was some squad of thugs
ready to force every mail-admin to implement DKIM, but only to the strict
letter of the final RFC. Then putting that in might make a difference --
but so would throwing in a whole bunch of other unrelated anti-abuse best
practices.
In real life, however, if you don't have the power to demand that a
recipient mail admin block incoming double-From: messages, then you don't
have the power to demand that they deploy DKIM at all.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html