ietf-dkim

Re: [ietf-dkim] Final update to 4871bis for working group review

2011-07-07 12:45:45
I am perfectly happy with Murray's original (and now, revised) text. 
(Nits still being discussed are entirely up to the WG.) I am not happy 
with Charles's text. Particularly:

On 7/7/11 5:08 AM, Charles Lindsey wrote:

     Recall that, when multiple instances of a given header field are
     present, they are signed starting with the last one and working
     upwards (section 5.4.2). This DKIM feature can be deployed to mount a
     variety of attacks against the email system. In some, the attacker is
     also the signer, signing the second of some duplicated field on
     behalf of his own domain, whilst hoping that some lenient MUA will
     display only the first. In others, a genuine signature from the
     domain under attack is obtained by legitimate means, but extra header
     fields are then added, either by interception or by replay.
   

It seems like this text is tailor-made to obfuscate who is doing the 
attacking and who is being attacked. It's this distinction that I think 
is the most important to make, and the above text simply does not 
clarify; it muddies the waters. DKIM can only be "deployed to mount a 
variety of attacks" if the recipient has already made the fatal mistake 
of assuming that the existence of a cryptographically valid signature 
*means* that the message is reliable and from a known "good" sender. You 
could have a longer and more detailed discussion in the document about 
how broken it is for a recipient to do such a thing, and put *that* into 
the security consideration, but I don't think it's necessary. The above 
can only obfuscate that very important point, making it out as if it's 
something in the DKIM signing/verifying process that caused the problem.

pr

-- 
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
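
The bottom-up header selection described in the quoted paragraph, as an added example that is not part of the original message or of any DKIM implementation: a receiver-side check that works out which instances of a field the h= tag selects and flags duplicates the signature does not cover. The sample message, its domains and the function names are constructed for illustration, and the code does no cryptographic verification.

```python
import email

# Constructed sample: a second From sits above the instance the signer covered.
SAMPLE = (
    "From: Added Later <someone@other.example>\r\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\r\n"
    " h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
    "From: Real Sender <user@example.com>\r\n"
    "To: rcpt@example.net\r\n"
    "Subject: hello\r\n"
    "\r\n"
    "body\r\n"
)

def h_tag(sig_value):
    """Return the lowercase field names listed in a DKIM-Signature h= tag."""
    tags = dict(tuple(p.strip() for p in t.split("=", 1))
                for t in sig_value.split(";") if "=" in t)
    return [n.strip().lower() for n in tags.get("h", "").split(":") if n.strip()]

def covered_indices(fields, h_names):
    """Each h= entry takes the lowest not-yet-used instance of that name,
    scanning from the bottom of the header block upwards."""
    used = set()
    for name in h_names:
        for i in range(len(fields) - 1, -1, -1):
            if i not in used and fields[i][0].lower() == name:
                used.add(i)
                break
    return used

def audit(raw, single=("from", "subject", "to", "date")):
    """Report, per field, how many instances exist, which ones the signature
    does not select, and whether the topmost (first displayed) one is selected."""
    msg = email.message_from_string(raw)
    fields = msg.items()          # all header fields, top to bottom
    sig = msg.get("DKIM-Signature")
    used = covered_indices(fields, h_tag(sig)) if sig else set()
    report = {}
    for name in single:
        idx = [i for i, (k, _) in enumerate(fields) if k.lower() == name]
        if idx:
            report[name] = {
                "count": len(idx),
                "unsigned": [fields[i][1] for i in idx if i not in used],
                "top_is_signed": idx[0] in used,
            }
    return report

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A result with "count" above 1 and "top_is_signed" false is the case where the instance a lenient MUA shows first is not the one the signature selected.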
