[ietf-dkim] one more comment I forgot...
Douglas Otis
dotis at mail-abuse.org
Wed Jan 11 15:29:24 PST 2006

On Jan 11, 2006, at 11:19 AM, Michael Thomas wrote:
> Stephen Farrell wrote:
>>
>> Yes, but mucking up a signature is already covered in the draft
>> whereas totally ditching one isn't.
>>
>> (Perhaps "forwarder" wasn't the right term - if not, mea culpa.)
>
> From a threat perspective, the two are identical, right?

The term mediator may have been better. Removal of a signature
within that role may also introduce a new signature by the mediator.
In this case, a signature has been removed and replaced with a
different signature. In the case of replacement, the results should
not be identical. Being able to define the role of the signer may
help resolve handling issues.

> If a receiver in any way treats broken signatures different than
> missing signatures, an attacker can exploit the preferable
> treatment trivially.

This was not about a broken signature, but a deliberately removed
signature. Once there is a greater concern related to the overhead
associated with handling multiple signatures, how this gets handled
will have greater importance. A bad actor could trivially increase
recipient burdens by introducing multiple signatures with various
body lengths and multiple From addresses. Unfortunately, due to the
authorization scheme, this may also become a common practice by
legitimate mediators. :(

-Doug
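
The receiver-side burden raised in the message above (many signatures with various body lengths and multiple From addresses) can be measured before any cryptographic work is done. The following is an added example, not part of the original post or of any DKIM draft: the function names, the `MAX_SIGNATURES` limit and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string

MAX_SIGNATURES = 4  # assumed local limit; not a value from the thread or a spec


def parse_tags(value):
    """Split a DKIM-Signature tag list ("d=x.example; l=120; ...") into a dict."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags


def signature_burden(raw_message, max_signatures=MAX_SIGNATURES):
    """Summarise how much signature work a message asks of the receiver."""
    msg = message_from_string(raw_message)
    sigs = [parse_tags(v) for v in msg.get_all("DKIM-Signature", [])]
    from_count = len(msg.get_all("From", []))
    # Distinct l= (body length) values: each one means hashing a different prefix.
    lengths = sorted({int(s["l"]) for s in sigs if s.get("l", "").isdigit()})
    return {
        "signatures": len(sigs),
        "to_verify": sigs[:max_signatures],  # bound the verification work
        "skipped": max(0, len(sigs) - max_signatures),
        "body_lengths": lengths,
        "from_headers": from_count,
        "flagged": len(sigs) > max_signatures or len(lengths) > 1 or from_count > 1,
    }


# Constructed sample: six signatures with different l= values and two From headers.
SAMPLE = "".join(
    f"DKIM-Signature: d=signer{i}.example; l={100 * i}; b=CONSTRUCTED\n"
    for i in range(1, 7)
) + "From: a@one.example\nFrom: b@two.example\nSubject: test\n\nbody\n"

# Constructed sample: one signature, one From header.
PLAIN = "DKIM-Signature: d=one.example; b=CONSTRUCTED\nFrom: a@one.example\n\nbody\n"

if __name__ == "__main__":
    for name, raw in (("SAMPLE", SAMPLE), ("PLAIN", PLAIN)):
        r = signature_burden(raw)
        print(name, {k: v for k, v in r.items() if k != "to_verify"})
```

The `flagged` result is a signal for logging or rate limiting rather than a verdict, since the post notes that legitimate mediators may produce the same pattern.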