ietf-dkim

Re: [ietf-dkim] Final update to 4871bis for working group review

2011-07-10 23:56:35
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Murray S. 
Kucherawy
Sent: Sunday, July 10, 2011 8:39 PM
To: Charles Lindsey; DKIM
Cc: Pete Resnick
Subject: Re: [ietf-dkim] Final update to 4871bis for working group review

"Agents that evaluate or apply DKIM output need to be aware that a DKIM
signer can sign messages that are malformed (e.g., violate RFC5322), or
become malformed in transit.  Such an action might constitute an attack
against a receiver, especially where additional credence is incorrectly
given to a signed message without evaluation of the signer.  Moreover,
a verifier would be incorrect to infer that all instances of a header
field are signed just because one is.  Agents will need to account for
these issues when deciding how to apply DKIM results to messages,
especially when displaying them to users."

Actually, let me revise that a bit:

"Agents that evaluate or apply DKIM output need to be aware that a DKIM signer 
can sign messages that are malformed (e.g., violate RFC5322), or become 
malformed in transit, or contain content that is not true or valid.  Such an 
action might constitute an attack against a receiver, especially where 
additional credence is incorrectly given to a signed message without evaluation 
of the signer.  Moreover, an agent would be incorrect to infer that all 
instances of a header field are signed just because one is.  Agents will need 
to account for these issues when deciding how to apply DKIM results to messages, 
especially when displaying them to users."

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
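
The point above about not inferring that every instance of a header field is signed can be checked mechanically. The following is an added example, not part of the original message or of the draft; the function name `audit_h_coverage` and the sample message are constructed for illustration, and it assumes the bottom-up instance selection for `h=` described in RFC 6376, section 5.4.2.

```python
from collections import Counter
from email import message_from_string

# Constructed sample message (not from the thread): From and Subject each occur twice.
SAMPLE = """\
From: second@example.net
Subject: top subject
From: first@example.org
To: rcpt@example.com
Subject: bottom subject
Date: Sun, 10 Jul 2011 20:39:00 -0700

body
"""

def audit_h_coverage(raw_message, h_tag):
    """Report which header-field instances the h= list of a signature covers."""
    names = [n.lower() for n in message_from_string(raw_message).keys()]
    remaining = Counter(n.strip().lower() for n in h_tag.split(":") if n.strip())
    signed = [False] * len(names)
    # Each h= entry for a name consumes one instance, starting from the bottom.
    for i in range(len(names) - 1, -1, -1):
        if remaining[names[i]] > 0:
            remaining[names[i]] -= 1
            signed[i] = True
    covered = {n for n, s in zip(names, signed) if s}
    uncovered = {n for n, s in zip(names, signed) if not s}
    return {
        "instances": list(zip(names, signed)),
        # Fields where one instance is signed and another is not.
        "partially_signed": sorted(covered & uncovered),
        # h= entries with no instance left: adding such a field breaks the signature.
        "oversigned": sorted(n for n, c in remaining.items() if c > 0),
    }

if __name__ == "__main__":
    for h in ("from:to:subject:date", "from:from:from:subject:subject:to:date"):
        print(h, audit_h_coverage(SAMPLE, h))
```

An agent that displays header fields can use `partially_signed` to avoid presenting an unsigned instance of From or Subject as if the signature covered it.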
