[ietf-dkim] One From DKIM Rule

ietf-dkim

[ietf-dkim] One From DKIM Rule

2011-07-08 12:34:32

Charles Lindsey wrote:

I think is is clear that these attacks will work if deployers fail to  
watch out for them. The only question is how long it will take the Bad  
Guys to spot the opportunities (and for sure they WILL spot them - sooner  
probably than later).


+1

To me, the protocol requires a highlighted explicit ONE FROM signing 
and verifier rule. It SHOULD NOT continue to sign a multi-from 
message, and it SHOULD invalidate the verification of a multi-from 
message.

Anything above that is SWAGGING and exploratory in nature and a 
consideration only to address legacy signers and verifiers, which 
includes receivers or internal mail creators don't allow multiple from 
headers.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] Final update to 4871bis for working group review, (continued) Re: [ietf-dkim] Final update to 4871bis for working group review, Scott Kitterman Re: [ietf-dkim] Final update to 4871bis for working group review, McDowell, Brett Re: [ietf-dkim] Final update to 4871bis for working group review, Scott Kitterman Re: [ietf-dkim] Final update to 4871bis for working group review, John Levine Re: [ietf-dkim] Final update to 4871bis for working group review, Steve Atkins Re: [ietf-dkim] Final update to 4871bis for working group review, Douglas Otis Re: [ietf-dkim] Final update to 4871bis for working group review, Murray S. Kucherawy Re: [ietf-dkim] Final update to 4871bis for working group review, McDowell, Brett Re: [ietf-dkim] Final update to 4871bis for working group review, McDowell, Brett Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey [ietf-dkim] One From DKIM Rule, Hector Santos <= Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey Re: [ietf-dkim] Final update to 4871bis for working group review, Murray S. Kucherawy Re: [ietf-dkim] Final update to 4871bis for working group review, Barry Leiba Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey Re: [ietf-dkim] Final update to 4871bis for working group review, John R. Levine Re: [ietf-dkim] Final update to 4871bis for working group review, Dave CROCKER Re: [ietf-dkim] Final update to 4871bis for working group review, Murray S. Kucherawy Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey Re: [ietf-dkim] Final update to 4871bis for working group review, Murray S. Kucherawy Re: [ietf-dkim] Final update to 4871bis for working group review, Dave CROCKER

Previous by Date:	Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey
Next by Date:	Re: [ietf-dkim] Final update to 4871bis for working group review, Pete Resnick
Previous by Thread:	Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey
Next by Thread:	Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey
Indexes:	[Date] [Thread] [Top] [All Lists]