[ietf-dkim] Take two (was Re: Proposal for new text about multiple header issues)

[Alessandro Vesely]

On 26/Oct/10 19:08, Murray S. Kucherawy wrote:
>  On Behalf Of Alessandro Vesely
>>  On 26/Oct/10 06:58, Murray S. Kucherawy wrote:
>>>  a verifying module might return a syntax error code or arrange not to
>>>  return a positive result even if the signature technically validates.
>>
>>  -1.  How does "might" differ from "MAY"?
>
> In a bunch of ways.  In particular, though, it is deliberately not
> RFC2119 language, partly because that's not generally done in
> Security Considerations since that section is discussion
> (informative) rather than protocol (normative).

But it affects the result!  That way a verifier is encouraged to
determine the validity of a signature based on heuristic criteria.

This kind of checking belongs to scam filters a la SpamAssassin.
Now, SA doesn't do it.  Possibly, that's because it's statistically
irrelevant.  AFAIK, SA does not even analyze Authentication-Results,
but re-checks signatures anew.  Why?  Suppose one day the double-From
attack becomes trendy and SA developers will want to write code that
checks for the valid-signature + added-From pattern.  They would never
be able to use A-R, because those results might be flawed by such
non-normative arrangements:  This is where that layer violation hurts.

According to that text, it is strongly advised to have a scam filter
/integrated/ within a DKIM verifier.  Doesn't this slash the value of
stand alone verifiers and A-R fields?

JM2C