I thought all crypto signing schemes have some kind of email
address/name
identifier that can always reliably override the "From:" header.
The from header is required to match the subjectaltname attribute
in the subject certificate.
I am thinking we should restate this to be an override, if
unauthenticated data does not match authenticated then it
should simply be discarded, not cause a fault.
I mean, it's like signing a typed document --- which is more likely to
misspell my name, the typed document or my carefully formed signature?
So for 2822 authorship-verification purposes I thought S/MIME and PGP
would do; am I wrong? See
http://www.antiphishing.org/smim-dig-sig.htm
PHB can probably comment authoritatively.
The big hole in S/MIME is that the headers are not encrypted. But the
from header is authenticated. Its a pity that the group did not accept
my suggestion to authenticate Subject and Date.
If you run S/MIME over SSL traqnsport though you get encryption of
the message end to end and the headers hop by hop - which is pretty
good. It is not 100% satisfactory because SMTP conflates message
data with routing data, headers can carry important content.
Maybe someone on the list who regularly sends with S/MIME could try an
experiment --- send a message to yourself, observe a successful S/MIME
check, then tweak the "From" header and see what happens. I know Mac
Mail supports S/MIME pretty well, that might be a good platform to
test with.
Heh, just tried to send with a fake from and a signature and outlook
would not let me...
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/spf-draft-200404.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
smime.p7s
Description: S/MIME cryptographic signature