ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Final update to 4871bis for working group review

2011-07-11 08:59:31
from [Murray S. Kucherawy] [Permanent Link] 
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles 
Lindsey
Sent: Monday, July 11, 2011 3:52 AM
To: DKIM
Subject: Re: [ietf-dkim] Final update to 4871bis for working group review


"Agents that evaluate or apply DKIM output need to be aware that a DKIM
signer can sign messages that are malformed (e.g., violate RFC5322), or
become malformed in transit, or contain content that is not true or
valid.  Such an action might constitute an attack against a receiver,
especially where additional credence is incorrectly given to a signed
message without evaluation of the signer.  Moreover, an agent would be
incorrect to infer that all instances of a header field are signed just
because one is.  Agents will need to account for these issues when
deciding how to apply DKIM results to message, especially when
displaying them to users."


OK, there is much good stuff in that. In particular, it makes it clear
that Bad Stuff can originate from the signer as well as from
men-in-the-middle and replayers. But I am still concerned that multiple
occurrences of "singleton" headers fields are not explicitly mentioned,
even as just one possible example.


That's what the "violate RFC5322" and "displaying them to users" covers.  
Again, I don't think it's smart to name a specific attack in case it leads one 
to believe that it's the only interesting one.


After all, you were seemingly happy to mention that particular trap in
8.14 in draft-12.


That this stuff is in there at all is compromise to me, so you're not quite 
accurate in your use of "happy".


Not sure about the word "incorrectly", but s/without evaluation/without
adequate evaluation/ might make your point better. Though I expect, of the
millions of perfectly legitimate domains that will exist without special
recognition in any reputation system, it will be hard to spot a newly
appearing 'badguy' one.


I don't think conversation about how reputation is applied is in scope; some 
systems could be used to give preferential treatment to good actors, some 
negative treatment to bad actors, some both.


I still don't think that paragraph is what we really need, but I will
withold judgement on that until I see how it gets incorporated into the
other bits of text that are around.


Given that today's the deadline, we will have to go with something like this or 
nothing at all (which in fact I would prefer because I think all of this is 
adequately covered by existing text, and I believe consensus and the AD 
concurs), so withhold judiciously.


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey
Next by Date:  Re: [ietf-dkim] Doublefrom language should be in ADSP, not core, Dave CROCKER
Previous by Thread:  Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey
Next by Thread:  Re: [ietf-dkim] Final update to 4871bis for working group review, J.D. Falk
Indexes:  [Date] [Thread] [Top] [All Lists]