[ietf-dkim] MLMs and the use of multipart/alternative to preserve original DKIM signature and at the same time add a new DKIM signature
Steve Atkins
steve at wordtothewise.com
Mon Aug 2 15:56:52 PDT 2010
On Aug 2, 2010, at 3:37 PM, Rolf E. Sonneveld wrote:
> Hi, all
>
> in the light of the discussion about draft-ietf-dkim-mailinglists I'd
> like to propose an alternative way to solve the MLM dilemma on how to
> deal with original DKIM signature/message versus sending out a modified
> version of the message. This proposal may be impractical or hard to
> realize, but I'd just thought I had to share it with you.
>
> The proposal is to preserve the original message + DKIM signature and to
> add the new (probably partially rewritten) output message, combined into
> a multipart/alternative structure. The combined message is sent by the
> MLM to the recipient. For the original message + DKIM signature, we
> could register a Content-Type of e.g. message/dkim-original-message with
> IANA. The output message would be the other part of the
> multipart/alternative, with the normal MIME structure of the MLM output
> message. A sample message sent by an MLM (or more in general, by a
> re-signer) would look like:

Does this mean that anyone can take their own content and
a message DKIM signed by someone else, and then send it out
such that their content will be displayed, but the (non-displayed)
signed message will be checked?

If so, this seems like exactly the reply attack that DKIM was designed
to prevent.

Cheers,
  Steve