[ietf-dkim] New Issue: overview document does not mention message validity
J D Falk
jdfalk at returnpath.net
Tue Mar 18 16:30:09 PDT 2008
Suggested addition to section 2, though I'm not entirely certain that
"validity" is the correct word to use here:
2.3. Establishing Message Validity
Though man-in-the-middle attacks are historically rare in email,
it is nevertheless theoretically possible for a message to be
modified during transit. An interesting side effect of the
cryptographic method used by DKIM is that it is possible to be
certain that a signed message (or, if l= is used, the signed
portion of a message) has not been modified. If it has been
changed in any way, then the message will not be verified
successfully with DKIM.
As described above, this validity neither lowers nor raises the
level of trust associated with the message. If it was an
untrustworthy message when initially sent, the verifier may be
certain that the message will be equally untrustworthy upon
receipt and successful verification.
--
J.D. Falk
Receiver Products
Return Path
More information about the ietf-dkim
mailing list