ietf-mailsig

Re: Ramblings on RFC2822 signatures.

2004-09-20 17:48:59

Miles Libbey writes:

--- David Woodhouse <dwmw2(_at_)infradead(_dot_)org> wrote:
I don't think so. I find it hard to imagine an attack in which
canonicalisation gives you a way to abuse mail. Perhaps if the
canonicalisation were to fold all whitespace, someone's answer could be
moved from one column in a table to another column?

This may allow a spammer to replay a message and add their own special
content. Imagine a spammer taking a message from a bank and redefining
CSS tags to hide the 'legit' content from the user, and appending their
own special phishing text.

As I mentioned to Nathaniel Borenstein at IETF, the "no
white space" canonicalization could conceivably lead to an
attack of the ASCII art variety: just keep the original
content but through the creative insertion of tabs,
newlines, etc., display Viagra ads. Here it's possible and
quite reasonable for senders to have different tolerance
levels for whether they are willing to tolerate such an
attack; many people will, but some risk-averse senders may
not.

In any case, the long term goal here should be to put body
manglers at an evolutionary disadvantage, and that the
"plain" canonicalization (e.g. all bits in ==> hash out) is
really the ultimate goal. Steps in between are compromises
to deal with current reality.

             Mike
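
Added example, not part of the original message or of any mail-signing implementation: a comparison of the body canonicalizations discussed in this thread, showing which whitespace changes each one lets through without changing the digest a signature would cover. The function names, the SHA-256 choice and the sample bodies (a constructed two-column table, after the table case raised in the quoted text) are assumptions of this example.

```python
import hashlib
import re

# Three body canonicalizations from the thread; the names are this example's own.
def canon_plain(body: bytes) -> bytes:
    """All bits in, hash out: no normalisation at all."""
    return body

def canon_fold_ws(body: bytes) -> bytes:
    """Collapse every run of spaces, tabs and newlines to one space."""
    return re.sub(rb"[ \t\r\n]+", b" ", body).strip()

def canon_no_ws(body: bytes) -> bytes:
    """Delete all whitespace before hashing."""
    return re.sub(rb"[ \t\r\n]+", b"", body)

CANONS = {"plain": canon_plain, "fold_ws": canon_fold_ws, "no_ws": canon_no_ws}

def digest(body: bytes, canon: str) -> str:
    """Digest that a signature over this body would cover (SHA-256 assumed)."""
    return hashlib.sha256(CANONS[canon](body)).hexdigest()

def surviving_canons(signed: bytes, received: bytes) -> list[str]:
    """Canonicalizations under which `received` still matches the signed digest."""
    return [name for name in CANONS
            if digest(signed, name) == digest(received, name)]

# Constructed sample: an answer table as the sender signed it.
SIGNED = (b"Question        Approve   Reject\r\n"
          b"Budget 2005     X\r\n")
# Same characters, whitespace re-laid-out: the X now sits under "Reject".
RELAID = (b"Question        Approve   Reject\r\n"
          b"Budget 2005               X\r\n")
# Whitespace inserted inside a word: only "no_ws" fails to notice.
SPLIT = SIGNED.replace(b"Approve", b"App rove")

if __name__ == "__main__":
    cases = [("unchanged", SIGNED), ("re-laid-out", RELAID), ("split word", SPLIT)]
    for label, body in cases:
        print(f"{label:12s} still verifies under: {surviving_canons(SIGNED, body)}")
```

Only the plain canonicalization rejects both altered bodies, which is the trade-off the message describes between tolerating body manglers and tolerating layout changes.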

