[ietf-dkim] detecting header mutations after signing
John Levine
johnl at iecc.com
Thu Oct 7 23:14:15 PDT 2010
>> A) You have to sign either all occurrences of a header or none of them, ...
>>
>> B) Same as A, but limited to an enumerated set of headers that are
>> supposed to occur only once.
>>
>> C) Same as B, but tell signers to use the h= trick to make verification
>> fail if extra headers show up.
>Realistically useful advice probably has to influence rendering of
>messages. That might mean MUA participation or it might mean mailstore
>participation that removes all (typically) rendered headers that are
>unsigned.
Gosh, I hope not. I'd like DKIM to be sturdy enough that I can trust
stuff signed by people I know and not have to backstop it by tricks
elsewhere to defend against malicious changes that DKIM didn't notice.
R's,
John
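The h= trick in the quoted option C is what RFC 6376 calls oversigning: the signer lists a header name in h= more times than it occurs, so a later-added instance gets pulled into the hashed input and the signature no longer verifies. The following added example (not code from the thread or from any DKIM implementation) models only the RFC 6376 section 5.4.2 header-selection step with relaxed canonicalization and a plain SHA-256 over the selected headers, not a full DKIM signature; the message headers are constructed sample data.

```python
import hashlib
import re

def relaxed_header(name, value):
    """RFC 6376 3.4.2 relaxed header canonicalization (folding already undone)."""
    name = name.lower()
    value = re.sub(r"\s+", " ", value).strip()
    return f"{name}:{value}\r\n"

def select_signed_headers(headers, h_field):
    """Pick header instances for the names listed in h=, per RFC 6376 5.4.2:
    each listed name takes the not-yet-selected instance nearest the bottom
    of the header block; a name with no instance left contributes nothing.
    That empty contribution is what makes oversigning work."""
    remaining = list(headers)  # (name, value) pairs in top-to-bottom order
    selected = []
    for name in h_field.split(":"):
        for idx in range(len(remaining) - 1, -1, -1):
            if remaining[idx][0].lower() == name.lower():
                selected.append(remaining.pop(idx))
                break
    return selected

def header_hash(headers, h_field):
    """Stand-in for the signed header hash: SHA-256 over the selected headers."""
    data = "".join(relaxed_header(n, v) for n, v in select_signed_headers(headers, h_field))
    return hashlib.sha256(data.encode()).hexdigest()

# Constructed sample headers as they were when signed (top-to-bottom).
ORIGINAL = [
    ("From", "Alice <alice@example.org>"),
    ("Subject", "Meeting notes"),
    ("Date", "Thu, 7 Oct 2010 23:14:15 -0700"),
]
# The same message after a second From: is prepended above the signed one.
# Selection runs bottom-up, so the original From: is still found first.
MUTATED = [("From", "Mallory <mallory@example.net>")] + ORIGINAL

def mutation_detected(h_field):
    """True when the added header changes the hashed input for this h= list."""
    return header_hash(ORIGINAL, h_field) != header_hash(MUTATED, h_field)
```

With `h=from:subject:date` the prepended From: is never selected and the hash is unchanged; with `h=from:from:subject:date` the second `from` entry, which was empty at signing time, now picks up the added header and verification fails.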