[ietf-dkim] Re: ISSUE 1525 -- Restriction to posting by first
Author breaks email semantics
Jim Fenton
fenton at cisco.com
Tue Jan 15 14:54:17 PST 2008
Frank Ellermann wrote:
> Dave Crocker wrote:
>
>
>> The current SSP language modifies RFC2822, and so there should be
>> considerable clarity about the need, the benefit, and the impact.
>>
>
> +1
>
>
I'd like to explain the basis for what's currently in the draft. The
text in question is at the beginning of section 2.3, with supporting
non-normative rationale (which I will disagree slightly with here).
The goal of SSP is to determine the practices of the (alleged) author of
the message. The practices of the (alleged) agent responsible for the
transmission of the message aren't relevant; the agent could be the
author's secretary, or for that matter the author's (or authors')
attorney or PR firm.
According to RFC 2822 section 3.6.2, the Sender header field MUST appear
whenever the From field contains more than one mailbox specification,
and SHOULD appear whenever the message is transmitted by other than the
author. However, even when the From field contains more than one
mailbox specification, the Sender field still represents the
transmitting agent, not the author. Use of the Sender field would
therefore apply SSP incorrectly.
We then are left with the dilemma of what to do when there is more than
one author. One option would be to look up the practices of all of the
authors and combine them. An attacker could then potentially make up
messages with many alleged authors as a make-work attack on SSP.
Instead, by looking at the first From address only, we force an attacker
who wants to weaken SSP by inserting an extra address to put the bogus
address first, causing the message, most likely, to look like it came
from someone else entirely.
-Jim
More information about the ietf-dkim
mailing list