[ietf-dkim] Doublefrom language should be in ADSP, not core
McDowell, Brett
bmcdowell at paypal-inc.com
Sun Jul 10 03:15:25 PDT 2011
-1
---
Sent from my mobile phone
On Jul 10, 2011, at 3:58 AM, "Michael Deutschmann" <michael at talamasca.ocis.net> wrote:
> On Sun, 10 Jul 2011, Hector Santos wrote:
>> Now of course, if ADSP was a standard and whitehouse.com had an
>> exclusive signing policy, receivers would have rejected the junk
>> distributed by Dave's list server as an ADSP violation. But ADSP is a
>> pipe dream.
>
> The attack only matters if the user believes that forgery is impossible
> because his ISP and the putative sender both "deploy ADSP" -- and thus the
> fact that the message made it to his mailbox means it has to be validly
> signed. (Of course, such users are suckers for messages from "0bama"...)
>
> Otherwise, "Obama" messages with an alternate From: (which the forger
> hopes the MUA will ignore) and signature for that second From:, are no
> more convincing than plain old forgeries with a single From: and no
> signature at all. In fact, they can be less effective, since:
>
> 1. At any step on the way, the message may be rejected as a protocol
> violation.
>
> 2. The MUA might display to the user, the From: instance that was
> intended by the forger for the validator's eyes only.
>
> 3. The lazy validator might act on the From: instance that was intended
> by the forger for the MUA to display.
>
> Failures (from the forger's perspective) 1 and 2 produce a result less
> convincing than a simple unsigned forgery. Failure 3 produces a result
> no more convincing than the simple unsigned forgery.
>
> ---- Michael Deutschmann <michael at talamasca.ocis.net>
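Added example, not part of the original thread or of any participant's message: a receiver-side check for outcome 1 in the quoted list, rejecting a message whose header set violates RFC 5322 before any signature or policy evaluation. It also shows why a duplicate From: matters: a component that reads the first instance and one that reads the last see different author domains. The sample message, its `.example` domains and the function names are constructed for illustration.

```python
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

# Constructed sample with placeholder domains; not taken from the thread.
SAMPLE = (
    "From: Some Name <name@displayed.example>\n"
    "From: Other Name <user@signed.example>\n"
    "To: reader@receiver.example\n"
    "Subject: constructed test message\n"
    "Date: Sun, 10 Jul 2011 03:15:25 -0700\n"
    "\n"
    "body\n"
)

# Fields that RFC 5322 section 3.6 limits to one occurrence per message.
SINGLETONS = ("date", "from", "sender", "reply-to", "to", "cc", "bcc",
              "message-id", "in-reply-to", "references", "subject")


def duplicated_singletons(raw):
    """Return the singleton field names that occur more than once."""
    counts = Counter(name.lower() for name in message_from_string(raw).keys())
    return sorted(name for name in SINGLETONS if counts[name] > 1)


def from_views(raw):
    """Author domain seen by a reader of the first vs. the last From: field."""
    values = message_from_string(raw).get_all("From", [])
    domains = [parseaddr(v)[1].rpartition("@")[2].lower() for v in values]
    if not domains:
        return {"first": None, "last": None}
    return {"first": domains[0], "last": domains[-1]}


def verdict(raw):
    """Reject malformed header sets before any signature or policy check."""
    dups = duplicated_singletons(raw)
    if dups:
        return "reject: duplicate " + ", ".join(dups)
    if not from_views(raw)["first"]:
        return "reject: missing From"
    return "accept"


if __name__ == "__main__":
    print(from_views(SAMPLE))
    print(verdict(SAMPLE))
```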