[ietf-dkim] Data integrity claims
dhc at dcrocker.net
Fri Oct 15 21:10:48 PDT 2010
On 10/15/2010 8:32 PM, Mark Delany wrote:
> Therefore one could
> argue that DKIM is "protecting" that relationship between the message
> and identifier.
Clever phrasing. Might be too subtle for general use, but I think it offers a
perspective that could be useful.
I think the issue here is that when people talk about protecting a message, they
tend to have in mind all sorts of attacks designed to trick users. DKIM
actually does not have much to say about such things.
Yes, it ties an identifier to a bag of bits, and yes it specifies what those
bits are, but it really does deal only with those bits and not (necessarily) the
entire message. And its protection of those bits is quite limited, relative to
various important assertions that might be made about those bits (and/or the
entire message) but which DKIM does not know or care about.
More information about the ietf-dkim