[ietf-dkim] Ticket #17
dotis at mail-abuse.org
Tue Apr 26 18:43:06 PDT 2011
On 4/26/11 2:03 PM, Dave CROCKER wrote:
>> Detecting Fake A-Label use is essential for the safe introduction of UTF-8 throughout email
> DKIM does not have the task of validating input. In addition, the nature of
> DKIM's crypto algorithms provides quite a bit of validity checking inherently.
> This ticket is invalid.
When DKIM allows garbage input, DKIM's output is also garbage and
untrustworthy. The saying Garbage-IN Garbage-OUT is still valid. Fake
A-Labels can still resolve resources satisfying DKIM's signing
algorithms. Cryptography only indicates some odd domain published a
public key matching the key used to sign a message. The A-Label concern
will become more apparent when UTF-8 encoding is generally permitted
Applications that simply use RFC3492 to display A-Labels could offer
highly deceptive information when Fake A-Labels have not been excluded
by the DKIM verification process. Rules imposed by RFC5890 improved
UTF-8 security significantly and should truly play a role in the DKIM
The DKIM protocol is logically where Fake A-Labels and malformed
messages should be detected. Why give malefactors an ability to
generate deceptive and misleading information? Doing so would be evil.
Not validating input creates a bigger mess when used in conjunction with
RFC5336bis. As such, it seems unfair for the DKIM WG operating within
the Security area to close and then hand a mess over to the Applications
area EAI WG.
More information about the ietf-dkim