On Tue, Jul 10, 2018 at 10:48 PM, Murray S. Kucherawy <superu...@gmail.com> wrote:
> On Tue, Jul 10, 2018 at 1:24 PM, Jim Fenton <fen...@bluepopcorn.net> wrote:
>> On 7/10/18 12:43 PM, Murray S. Kucherawy wrote:
>>> AMS is basically the same as DKIM-Signature, and so it covers body
>>> modifications. When you verify the seal, you must also verify the latest
>>> AMS, which in turn means the seal is invalidated as soon as someone changes
>>> the content.
>> Which goes back to my original question. If you need to check the AMS
>> anyway, what additional purpose does the AS serve?
> It's an interesting question. I imagine it's similar in nature to the
> fact that the crypto part of a DKIM-Signature will still pass for a message
> with a modified body; you have to then check that "bh=" matches the current
> content before you can truly assert that the signature is valid.
I think that there is a bit of a difference here and terminology is not
being used precisely. The "seal" (AS) is not invalidated when someone
changes the content. The "signature" (AMS) is. The "seal" (aka AS) remains
valid as long as someone doesn't tamper with the chain (consisting of the
triplet ARC header fields). That allows intermediaries to change the
content and then attest to their changes within the scope of a still valid
AMS (at least the most recent one) tells you about the general headers
(covered by the signature) and the body. AS is used to string the chain
together and avoid having modifications break the chain.
dmarc mailing list
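An added toy model of the AS/AMS distinction discussed above (example code, not from the thread or any ARC implementation). It assumes HMAC-SHA256 as a stand-in for RSA signing, a pipe-joined string in place of real header canonicalization, and constructed per-hop keys; the `arc_sign`, `verify` and `demo` names are hypothetical. It shows that a body edit after the last hop breaks only the newest AMS (its signature still verifies, but bh= no longer matches, as in DKIM), while editing an earlier hop's AAR breaks the seals.

```python
import hashlib
import hmac

# Toy stand-in for RSA: HMAC-SHA256 over a "|"-joined canonical string.
# Keys are constructed for the demo and are not real ARC signing keys.
def sig(key, data):
    return hmac.new(key, data.encode(), hashlib.sha256).hexdigest()

def bh(body):
    return hashlib.sha256(body.encode()).hexdigest()

def arc_sign(msg, i, key):
    """Append ARC set i (AAR, AMS, AS). AMS covers From/Subject plus the body
    hash; AS covers this set's AAR and AMS and every earlier set in full,
    but never the body."""
    aar = f"i={i}; arc.result=pass"
    ams_fields = f"i={i}; h=from:subject; bh={bh(msg['body'])}"
    ams = ams_fields + "; b=" + sig(key, f"{ams_fields}|{msg['from']}|{msg['subject']}")
    as_fields = f"i={i}; cv={'none' if i == 1 else 'pass'}"
    chain = "|".join("|".join(s) for s in msg['arc'])
    seal = as_fields + "; b=" + sig(key, f"{as_fields}|{aar}|{ams}|{chain}")
    return {**msg, 'arc': msg['arc'] + [(aar, ams, seal)]}

def verify(msg, keys):
    """Newest AMS: signature over its tag list, then bh against the current
    body (the DKIM-style two-step). Every AS: signature over the chain only."""
    aar, ams, seal = msg['arc'][-1]
    n = len(msg['arc'])
    ams_fields, ams_b = ams.rsplit("; b=", 1)
    ams_sig = hmac.compare_digest(ams_b, sig(keys[n], f"{ams_fields}|{msg['from']}|{msg['subject']}"))
    bh_match = f"bh={bh(msg['body'])}" in ams_fields
    seals = True
    for idx, (a, m, s) in enumerate(msg['arc'], start=1):
        as_fields, as_b = s.rsplit("; b=", 1)
        chain = "|".join("|".join(x) for x in msg['arc'][:idx - 1])
        seals &= hmac.compare_digest(as_b, sig(keys[idx], f"{as_fields}|{a}|{m}|{chain}"))
    return {"ams_sig": ams_sig, "bh_match": bh_match, "seals": seals}

KEYS = {1: b"demo-key-hop-1", 2: b"demo-key-hop-2"}           # constructed
MSG = {"from": "alice@example.com", "subject": "hi", "body": "original", "arc": []}

def demo():
    hop1 = arc_sign(MSG, 1, KEYS[1])
    # Hop 2 (say, a list) edits the body, then seals over the edited content.
    hop2 = arc_sign({**hop1, "body": hop1["body"] + "\n-- list footer"}, 2, KEYS[2])
    body_edit = {**hop2, "body": "changed after the last hop"}
    a1, m1, s1 = hop2["arc"][0]
    chain_edit = {**hop2, "arc": [(a1.replace("pass", "fail"), m1, s1), hop2["arc"][1]]}
    return verify(hop2, KEYS), verify(body_edit, KEYS), verify(chain_edit, KEYS)
```

`demo()` returns the three verification results: the intact chain passes everything, the body edit fails only `bh_match`, and the AAR edit fails only `seals`.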