Real use cases for justify nowsp? (was Re: nowsp considered harmful)


On July 20, 2005 at 10:05, Thomas Roessler wrote:

nowsp, when combined with the length parameter, can enable attackers
to completely replace the e-mail content displayed by mail user
agents, without invalidating the DKIM signature.


General question: Can someone provide real use cases that utilize
the nowsp algorithm in an effective manner?

The only example I remember being mentioned is the case of super-long
lines that are clear violation of RFC-2822.  Nowsp seems to try
to deal with cases that DKIM should not even bother with.

Thanks,

--ewh

<Prev in Thread]	Current Thread	[Next in Thread>
nowsp considered harmful, Thomas Roessler Re: nowsp considered harmful, Frank Ellermann XINDX, Dave Crocker Re: XINDX, Frank Ellermann Re: nowsp considered harmful, Tony Hansen Real use cases for justify nowsp? (was Re: nowsp considered harmful), Earl Hood <= Re: nowsp considered harmful, Eric Allman Re: nowsp considered harmful, Frank Ellermann Re: nowsp considered harmful, Nathaniel Borenstein Re: nowsp considered harmful, Jim Fenton Re: nowsp considered harmful, Earl Hood Re: nowsp considered harmful, Hector Santos RE: nowsp considered harmful, Hallam-Baker, Phillip Re: nowsp considered harmful, Tony Hansen Re: nowsp considered harmful, Michael Thomas Re: nowsp considered harmful, Michael Thomas

Previous by Date:	Re: dkim-base-00: misc. comments, Earl Hood
Next by Date:	RE: Issue tracking (was: revised Proposed Charter), Dave Crocker
Previous by Thread:	Re: nowsp considered harmful, Tony Hansen
Next by Thread:	Re: nowsp considered harmful, Eric Allman
Indexes:	[Date] [Thread] [Top] [All Lists]