"Michael" == Michael Thomas <mike(_at_)mtcc(_dot_)com> writes:
Michael> Sam Hartman writes:
>> >>>>> "Tony" == Tony Finch <dot(_at_)dotat(_dot_)at> writes:
>>
Tony> On Tue, 11 Jan 2005, Douglas Otis wrote:
>> >> On Tue, 2005-01-11 at 11:53, Sam Hartman wrote:
>> >>
>> >> > I'd like to go farther: why are we signing the body? We're
>> >> > trying to prevent spam not modification of existing mail
>> >> > messages. I think that canonicalizing headers may be
>> >> > challenging enough; do we really need to solve the problem of
>> >> > canonicalizing bodies on top of this.
>> >>
>> >> Capture of a signed header would allow attaching a message as a
>> >> vehicle to carry spam.
>>
Tony> For example, you can do this with on-line mailing list
Tony> archives. The replay attack problem is very serious. The
Tony> BATV and SES groups have discussed it in some detail and
Tony> have generally agreed that the only sure way to protect
Tony> against it is with full message data signatures.
>> I understand you can get headers to replay. It seems that
>> defining a largish replay window (say 30 days) and keeping
>> enough information to uniquely identify a message from this
>> replay window is an option worth considering.
Michael> Riddle me this: how does a receiver know when to say
Michael> enough is enough?
Please explain your question more clearly.
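
An added illustration of the two positions quoted in this thread; it is not part of any message here and is not code from any of the participants. It assumes an HMAC as a stand-in for the sender's signature, a hypothetical `X-Signed-At` header carrying the signing time, and constructed sample addresses and timestamps.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"   # assumption: stand-in for the sender's signing key
WINDOW = 30 * 24 * 3600         # the 30-day replay window suggested in the thread


def sign_headers(headers: dict) -> str:
    """Sign the headers only (HMAC stands in for a public-key signature)."""
    canon = "\n".join(f"{k.lower()}:{v.strip()}" for k, v in sorted(headers.items()))
    return hmac.new(KEY, canon.encode(), hashlib.sha256).hexdigest()


class ReplayCache:
    """One receiver's memory of signatures seen inside the replay window."""

    def __init__(self):
        self.seen = {}  # signature -> signing time

    def check(self, headers: dict, body: str, sig: str, now: int) -> str:
        # body is deliberately unused: a header-only signature never covers it.
        if not hmac.compare_digest(sig, sign_headers(headers)):
            return "bad-signature"
        signed_at = int(headers["X-Signed-At"])  # hypothetical header name
        if now - signed_at > WINDOW:
            return "expired"
        # Forget entries older than the window so stored state stays bounded.
        self.seen = {s: t for s, t in self.seen.items() if now - t <= WINDOW}
        if sig in self.seen:
            return "replay"
        self.seen[sig] = signed_at
        return "accept"


def demo():
    t0 = 1_105_470_000  # constructed timestamp (January 2005)
    headers = {"From": "alice@example.org", "Message-ID": "<1@example.org>",
               "Subject": "minutes", "X-Signed-At": str(t0)}
    sig = sign_headers(headers)
    cache = ReplayCache()
    return [
        cache.check(headers, "original body", sig, t0 + 60),             # first delivery
        cache.check(headers, "substituted body", sig, t0 + 3600),        # same headers, new body
        cache.check(headers, "substituted body", sig, t0 + WINDOW + 1),  # outside the window
        # A receiver that never saw the original has nothing to compare against.
        ReplayCache().check(headers, "substituted body", sig, t0 + 3600),
    ]
```

`demo()` returns one verdict per delivery: the cache catches the second delivery at the same receiver, the window catches the late one, and a receiver with an empty cache accepts the substituted body because the signature covers headers only.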