On Fri, 24 Sep 2004 12:51:26 +0100, David Woodhouse wrote:
> So if we accept the extra complexity of signing with the
> RFC2822 addresses, we need to make sure it's not easily
> bypassable by adding 'Sender:' or 'Resent-From:' headers. I
> think we really need to go all the way and do the thing with
> multiple signatures.
I suspect there is a rather deep dilemma highlighted by your
comment. On the one hand, there is a desire to develop a
"complete" solution. On the other, there is the need to do
something (anything) that is useful.
The former leads to larger, more complex specifications that take
longer to produce and are more fragile -- adoption and successful
use are riskier. The latter attempts to achieve less but
achieves it more reliably and more quickly.
Perhaps the critical issue is "easily bypassable"? It has at
least two forms of concern. One is whether a specified technique
can be directly subverted -- that is, can it be made not to work.
The other is whether some larger goal by an attacker can be
served by techniques that get the recipient to misinterpret
things.
My guess is that header/content signature can be made strong
enough. So the issue is the larger problem of manipulating
recipients.
My own view is that this larger problem is solved only by
attacking pieces of it. And header/content signing is one of
those pieces.
d/
--
Dave Crocker <mailto:dcrocker-at-brandenburg-dot-com>
Brandenburg InternetWorking <http://brandenburg.com>
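The bypass the quoted message worries about, and the defensive fix, can be shown in a few lines. This is an added illustration, not code from the thread or from any signing specification: a toy HMAC over a chosen list of header names (the key, the canonicalization, and the sample message are all constructed here). The point it shows is that a signature covering only `From:` still verifies after a `Sender:` header is appended, while a signature whose signed-header list also names `Sender:` and `Resent-From:` (contributing an empty value when they are absent) fails verification once either is added.

```python
import hmac
import hashlib

# Constructed demo key; a real deployment would use a per-domain key.
KEY = b"constructed-demo-key"


def canonical_header(headers, name):
    """Canonical form of all instances of one header: lower-cased name,
    whitespace-collapsed values joined with '|'. An absent header yields
    'name:' with an empty value, so it is still part of the signed data."""
    values = [v.strip() for (n, v) in headers if n.lower() == name.lower()]
    return name.lower() + ":" + "|".join(" ".join(v.split()) for v in values)


def sign_headers(headers, signed_names, key=KEY):
    """HMAC-SHA256 over the canonical forms of `signed_names`, in order.
    Listing a name that is absent pins its absence into the signature."""
    data = "\n".join(canonical_header(headers, n) for n in signed_names)
    return hmac.new(key, data.encode(), hashlib.sha256).hexdigest()


def verify_headers(headers, signed_names, signature, key=KEY):
    """Recompute the signature over the same header list and compare."""
    expected = sign_headers(headers, signed_names, key)
    return hmac.compare_digest(expected, signature)


# Constructed sample message as a list of (name, value) pairs.
ORIGINAL = [
    ("From", "alice@example.org"),
    ("To", "bob@example.net"),
    ("Subject", "hello"),
]


def demo():
    """Sign once narrowly (From only) and once widely (From, Sender,
    Resent-From), then append a Sender: header as the quoted message
    describes and check which signature notices."""
    narrow = ["From"]
    wide = ["From", "Sender", "Resent-From"]
    sig_narrow = sign_headers(ORIGINAL, narrow)
    sig_wide = sign_headers(ORIGINAL, wide)

    # Header added after signing; the original headers are untouched.
    altered = ORIGINAL + [("Sender", "mallory@example.com")]

    return {
        "wide_verifies_original": verify_headers(ORIGINAL, wide, sig_wide),
        "narrow_verifies_altered": verify_headers(altered, narrow, sig_narrow),
        "wide_verifies_altered": verify_headers(altered, wide, sig_wide),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The "wide" list is the mitigation: naming `Sender:` and `Resent-From:` in the signed set even when the message has none means any later addition changes the signed data. The quoted suggestion of multiple signatures (one per address header) is a different approach and is not shown here.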