[ietf-dkim] Take two (was Re: Proposal for new text about multiple header issues)
vesely at tana.it
Wed Oct 27 05:23:25 PDT 2010
On 26/Oct/10 19:08, Murray S. Kucherawy wrote:
> On Behalf Of Alessandro Vesely
>> On 26/Oct/10 06:58, Murray S. Kucherawy wrote:
>>> a verifying module might return a syntax error code or arrange not to
>>> return a positive result even if the signature technically validates.
>> -1. How does "might" differ from "MAY"?
> In a bunch of ways. In particular, though, it is deliberately not
> RFC2119 language, partly because that's not generally done in
> Security Considerations since that section is discussion
> (informative) rather than protocol (normative).
But it affects the result! That way a verifier is encouraged to
determine the validity of a signature based on heuristic criteria.
This kind of checking belongs to scam filters a la SpamAssassin.
Now, SA doesn't do it. Possibly, that's because it's statistically
irrelevant. AFAIK, SA does not even analyze Authentication-Results,
but re-checks signatures anew. Why? Suppose one day the double-From
attack becomes trendy and SA developers will want to write code that
checks for the valid-signature + added-From pattern. They would never
be able to use A-R, because those results might be flawed by such
non-normative arrangements: This is where that layer violation hurts.
According to that text, it is strongly advised to have a scam filter
/integrated/ within a DKIM verifier. Doesn't this slash the value of
stand alone verifiers and A-R fields?
More information about the ietf-dkim