"Michael" == Michael Thomas <mike(_at_)mtcc(_dot_)com> writes:
Michael> Sam Hartman writes:
>> >>>>> "Michael" == Michael Thomas <mike(_at_)mtcc(_dot_)com> writes:
>>
Michael> Sam Hartman writes:
>> >> >>>>> "Tony" == Tony Finch <dot(_at_)dotat(_dot_)at> writes:
>> >>
Tony> On Tue, 11 Jan 2005, Douglas Otis wrote:
>> >> >> On Tue, 2005-01-11 at 11:53, Sam Hartman wrote:
>> >> >>
>> >> >> > I'd like to go farther: why are we signing the body?
>> >> We're >> trying to > prevent spam not modification of
>> existing >> mail >> messages. I think that > canonicalizing
>> headers may be >> >> challenging enough; do we really need to >
>> solve the problem >> of >> canonicalizing bodies on top of
>> this.
>> >> >>
>> >> >> Capture of a signed header would allow attaching a
>> message >> as a >> vehicle to carry spam.
>> >>
Tony> For example, you can do this with on-line mailing list
Tony> archives. The replay attack problem is very serious. The
Tony> BATV and SES groups have discussed it in some detail and
Tony> have generally agreed that the only sure way to protect
Tony> against it is with full message data signatures.
>> >> I understand you can get headers to replay. It seems that
>> >> defining a largish replay window (say 30 days) and keeping
>> >> enough information to uniquely identify a message from this
>> >> replay window is an option worth considering.
>>
Michael> Riddle me this: how does a receiver know when to say
Michael> enough is enough?
>> Please explain your question more clearly.
Michael> Even if a receiver keeps a database of identifying
Michael> information of a particular piece of mail (msg id,
Michael> signature...), how can it know whether it ought to reject
Michael> it or not? You aren't guaranteed to see all of the
Michael> recipients in a single session, a single MTA, or even a
Michael> single domain. And the sender can't help you either
Michael> (initial or otherwise): it doesn't know the ultimate
Michael> graph that a piece of mail will make through exploders,
Michael> etc.
It knows it needs to deliver it to each recipient at most once.