[ietf-dkim] authentication result headers are an unsafe
alternative
Douglas Otis
dotis at mail-abuse.org
Tue Apr 18 11:18:24 PDT 2006
On Apr 18, 2006, at 10:42 AM, Scott Kitterman wrote:
>
> From a protocol design perspective, I think the right answer is to
> design for the case where the receiving MTA/MDA will check the
> signature and record a result that, if appropriate, an MUA can use.
Depending upon an unsigned "results" header being added to the
message is an unsafe practice.
It is not practical to determine who added the "results" header,
whether the MDA strips/adds all prior results headers, and whether
all possible backup and alternative paths also strip/adds all
"results" headers. Retaining the integrity of the DKIM signature for
a suitable period should permit message verification for transports
that carry messages beyond the MDA. Message protection beyond SMTP
is an important aspect of DKIM. Reliance upon a results header may
produce many years of victims that DKIM intended to protect.
Explain the motivation for not including DKIM protection beyond SMTP?
-Doug
More information about the ietf-dkim
mailing list