[ietf-dkim] detecting header mutations after signing
hsantos at isdg.net
Wed Oct 13 15:19:03 PDT 2010
John R. Levine wrote:
> I'm certainly not suggesting a full 5322 body cavity search, but I think
> reasonable checks would include checking for duplicates of headers that
> MUAs are likely to show, such as Subject, To, From, Sender, and Cc.
Personally, I think 5322.From is the main thing but if you wish to
include the others, I'm good with that.
I think the main point is we have a real chance here to finally solve
or address a long-time 822/2822/5322 issue that only DKIM can claim
today to help resolve or prevent from getting exploited in the future
and if it helps create an incentive for these checks to be done at MSA,
MDA including when these systems use DKIM bypassing existing checks,
Hector Santos, CTO
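
The duplicate-header check discussed in this message, sketched as an added example (not code from the thread or from any DKIM implementation). The function name `duplicated_headers` and the sample message are constructed for illustration; the header list is the one named in the quoted text, each of which RFC 5322 section 3.6 allows at most once.

```python
from email import message_from_bytes
from email.policy import compat32

# Headers named in the thread as ones MUAs are likely to show.
# RFC 5322 section 3.6 permits each of them at most once per message.
DISPLAYED_SINGLETONS = ("From", "Sender", "To", "Cc", "Subject")


def duplicated_headers(raw: bytes, names=DISPLAYED_SINGLETONS) -> dict:
    """Return {header name: [values, in order]} for every listed header
    that occurs more than once in the top-level header block of `raw`."""
    # compat32 keeps every occurrence in order and never rejects duplicates,
    # so the parser itself does not hide the condition being checked.
    msg = message_from_bytes(raw, policy=compat32)
    found = {}
    for name in names:
        values = msg.get_all(name, [])  # header names match case-insensitively
        if len(values) > 1:
            # Unfold continuation lines so each value reports as one line.
            found[name] = [" ".join(str(v).split()) for v in values]
    return found


# Constructed sample: a second From field, differently cased and folded,
# sits below the first one.
SAMPLE_DUPLICATE_FROM = (
    b"From: Alice <alice@example.org>\r\n"
    b"To: bob@example.net\r\n"
    b"Subject: Quarterly report\r\n"
    b'fRoM: "Accounts"\r\n <billing@example.com>\r\n'
    b"Date: Wed, 13 Oct 2010 15:19:03 -0700\r\n"
    b"\r\n"
    b"body\r\n"
)

# Constructed sample: the same message with a single From field.
SAMPLE_CLEAN = SAMPLE_DUPLICATE_FROM.replace(
    b'fRoM: "Accounts"\r\n <billing@example.com>\r\n', b""
)

if __name__ == "__main__":
    for label, raw in (("duplicate", SAMPLE_DUPLICATE_FROM), ("clean", SAMPLE_CLEAN)):
        print(label, duplicated_headers(raw))
```

A non-empty result is the condition a signer or verifier would act on (reject, or treat the signature as not covering the displayed header); which action to take is a policy choice the thread leaves open.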