vesely at tana.it
Thu Sep 16 11:03:30 PDT 2010
On 16/Sep/10 18:49, Murray S. Kucherawy wrote:
> From: ietf-dkim-bounces at mipassoc.org On Behalf Of Ian Eiloart
>> I don't think so. The original signature should only sign the
>> DKIM- required and From headers, and perhaps enough other headers
>> to reduce utility of replay attacks. Importantly, they should
>> only sign parts that are likely to be unbroken by the MLM, thus
>> satisfying ADSP requirements. However, the recipient knows that a
>> valid signature from the MLM is required, too. Thus, the original
>> DKIM signature is only valid for messages going through the list
>> - off list replay isn't possible. On-list replay can be limited
>> by ALSO including a full DKIM signature, for the list to check
>> before redistributing.
> I'm worried about that third sentence. If people are encouraged
> not to sign Subject:, for example, which is a popular display
> header field, one could spamify that field and re-send the
Yes, suppose I usually sign everything, except when the only recipient
is ietf-dkim at mipassoc.org: in this case I only sign From: and Date:.
One cannot replay a modified version of the message, because of the
2nd party joint signature. Thus one has to remove mipassoc.org's
signature, and then she can compose any message, constrained only by
the original From: and Date:. A third signed field,
is meant to avoid exactly that.
> If you subscribe to the idea that a DKIM signature reflects a
> domain taking some responsibility for a message, I'd have a hard
> time not signing Subject: (or From:) for any reason.
Why? DKIM seeks to forbid modifications in order to avoid replaying.
On 16/Sep/10 13:05, MH Michael Hammer (5304) wrote:
> Ian, this makes no sense to me. If a signing domain is concerned enough
> to choose to implement ADSP, why would they reduce what they are signing
> to accommodate a small percentage of their mail going to MLMs that they
> may or may not be able to identify? I don't remove the locks on my doors
> because there is a possibility that someone might break one of my
> I've said it before and I'll say it again. MLMs are the tail, not the
> dog. Don't wag the dog.
Messages can also be replayed as-is, for the sole purpose of gaming the
author domain's reputation. DKIM can sign To: and Cc:, but not Bcc:,
and then these are not tied to the actual recipients list. This
wagging is about delimiting message streams, hence it's not
necessarily tied to MLMs only.
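
Added example (not part of the original message, nor code from any DKIM implementation): a Python check that reads the h= tag of each DKIM-Signature and lists the display header fields that are present in the message but not covered by that signature, for the case discussed above where the author domain signs only From: and Date:. The sample message, the domains and the CONSTRUCTED tag values are made up for illustration, and no cryptographic verification is performed.

```python
import re
from email import message_from_string

# Header fields a mail client typically shows to the reader.
DISPLAY_FIELDS = ("from", "to", "cc", "subject", "date", "reply-to")

# Constructed sample: a list signature covering most fields, and an
# author signature limited to From: and Date: as in the thread.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; d=list.example; s=mlm;
 h=from:to:subject:date:list-id; bh=CONSTRUCTED; b=CONSTRUCTED
DKIM-Signature: v=1; a=rsa-sha256; d=author.example; s=sel;
 h=From:Date; bh=CONSTRUCTED; b=CONSTRUCTED
From: Alice <alice@author.example>
To: list@list.example
Subject: [list] hello
Date: Thu, 16 Sep 2010 11:03:30 -0700
List-Id: <list.list.example>

body
"""

def parse_tag_list(value):
    """Parse a DKIM tag=value list (RFC 6376, section 3.2) into a dict."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            # Folding whitespace inside a value is not significant.
            tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags

def unsigned_display_fields(raw_message):
    """Return [(d= domain, display fields present but absent from h=)]."""
    msg = message_from_string(raw_message)
    present = {name.lower() for name in msg.keys()}
    report = []
    for sig in msg.get_all("DKIM-Signature", []):
        tags = parse_tag_list(sig)
        # Header field names in h= are case-insensitive.
        signed = {h.lower() for h in tags.get("h", "").split(":") if h}
        exposed = sorted(f for f in DISPLAY_FIELDS
                         if f in present and f not in signed)
        report.append((tags.get("d", "?"), exposed))
    return report

if __name__ == "__main__":
    for domain, exposed in unsigned_display_fields(SAMPLE):
        print(domain, "leaves unsigned:", exposed or "nothing")
```
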