[ietf-dkim] Pete's review of 4871bis
Murray S. Kucherawy
msk at cloudmark.com
Wed Jun 29 12:26:18 PDT 2011
> -----Original Message-----
> From: ietf-dkim-bounces at mipassoc.org [mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Dave CROCKER
> Sent: Wednesday, June 29, 2011 11:56 AM
> To: Pete Resnick
> Cc: DKIM
> Subject: Re: [ietf-dkim] Pete's review of 4871bis
> If I missed it, I apologize, but have you define what you mean by "attack on
> DKIM"? And why is it important to distinguish which category an attack
> falls into?
I'll offer this up:
Something is an "attack on DKIM" if it involves input that can cause DKIM to report a "pass" when it should report a "fail", or report "d=example.com" when it should've said "d=example.org".
Since the general output of DKIM is pass/fail and a domain name plus some other optional signature stuff, I fail to see how double-From type attacks are attacks on DKIM. Rather, I think these things we're discussing are attacks on MUAs (or on ADSP implementations) that fail to do RFC5322 enforcement or fail to understand what DKIM is telling them.
More information about the ietf-dkim