On Tue, Jul 10, 2018 at 10:48 PM, Murray S. Kucherawy <[email protected]> wrote:
> On Tue, Jul 10, 2018 at 1:24 PM, Jim Fenton <[email protected]> wrote:
>
>> On 7/10/18 12:43 PM, Murray S. Kucherawy wrote:
>>
>> AMS is basically the same as DKIM-Signature, and so it covers body
>> modifications. When you verify the seal, you must also verify the latest
>> AMS, which in turn means the seal is invalidated as soon as someone changes
>> the content.
>>
>> Which goes back to my original question. If you need to check the AMS
>> anyway, what additional purpose does the AS serve?
>>
>
> It's an interesting question. I imagine it's similar in nature to the
> fact that the crypto part of a DKIM-Signature will still pass for a message
> with a modified body; you have to then check that "bh=" matches the current
> content before you can truly assert that the signature is valid.
>

I think that there is a bit of a difference here and terminology is not being used precisely.

The "seal" (AS) is not invalidated when someone changes the content. The "signature" (AMS) is. The "seal" (aka AS) remains valid as long as someone doesn't tamper with the chain (consisting of the triplet ARC header fields). That allows intermediaries to change the content and then attest to their changes within the scope of a still valid chain.

AMS (at least the most recent one) tells you about the general headers (covered by the signature) and the body. AS is used to string the chain together and avoid having modifications break the chain.

--Kurt
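A constructed Python model of the distinction Kurt draws above (an added example, not code from the thread or from any ARC implementation): AMS covers selected headers plus a body hash, so a body change breaks it, while AS covers only the ARC header fields of every set in the chain, so it survives a body change but not tampering with the chain. An HMAC stands in for the RSA signature, canonicalization is reduced to whitespace stripping, and all header values, hostnames and keys are made up.

```python
import hashlib
import hmac

# Toy model of what ARC-Message-Signature (AMS) and ARC-Seal (AS) each cover.
# HMAC replaces the RSA signature; canonicalization is just whitespace stripping.
KEY = b"constructed-demo-key"            # constructed, not a real selector key
SIGNED_HDRS = ("from", "to", "subject")  # headers listed in h= of the AMS

def _sig(data):
    return hmac.new(KEY, data.encode(), hashlib.sha256).hexdigest()

def body_hash(body):
    """bh=: hash of the (simplified) canonical body."""
    return hashlib.sha256(body.strip().encode()).hexdigest()

def _seal_input(chain):
    """What the newest seal signs: every ARC field so far, its own b= blank."""
    fields = [f for s in chain[:-1] for f in (s["aar"], s["ams"], s["as"])]
    cur = chain[-1]
    return "|".join(fields + [cur["aar"], cur["ams"], cur["as"].split("b=")[0] + "b="])

def add_arc_set(chain, instance, headers, body):
    """Append one hop's ARC triplet (AAR, AMS, AS) to the chain."""
    aar = f"i={instance}; mx.example; dkim=pass"
    core = f"i={instance}; h={':'.join(SIGNED_HDRS)}; bh={body_hash(body)}"
    # AMS, like DKIM-Signature, covers the listed headers and the body hash.
    ams = core + "; b=" + _sig(core + "|" + "|".join(headers[h] for h in SIGNED_HDRS))
    chain.append({"aar": aar, "ams": ams, "as": f"i={instance}; b="})
    # AS covers only the ARC header fields of all sets, never the body.
    chain[-1]["as"] += _sig(_seal_input(chain))
    return chain

def verify_ams(arc_set, headers, body):
    """AMS passes only if bh= matches the current body and b= verifies."""
    core, b = arc_set["ams"].rsplit("; b=", 1)
    if body_hash(body) != core.split("bh=")[1]:
        return False
    return hmac.compare_digest(b, _sig(core + "|" + "|".join(headers[h] for h in SIGNED_HDRS)))

def verify_seal(chain, n):
    """Seal n passes as long as ARC sets 1..n are intact, whatever the body is now."""
    b = chain[n]["as"].split("b=", 1)[1]
    return hmac.compare_digest(b, _sig(_seal_input(chain[:n + 1])))

def demo():
    headers = {"from": "[email protected]", "to": "[email protected]", "subject": "hi"}
    chain = add_arc_set([], 1, headers, "original body\n")
    body2 = "original body\n-- list footer\n"   # hop 2 modified the body ...
    add_arc_set(chain, 2, headers, body2)       # ... and signed the new body
    results = {"ams1": verify_ams(chain[0], headers, body2),   # False: bh= mismatch
               "ams2": verify_ams(chain[1], headers, body2),   # True
               "seal1": verify_seal(chain, 0), "seal2": verify_seal(chain, 1)}  # True, True
    chain[0]["aar"] = chain[0]["aar"].replace("pass", "fail")  # tamper with the chain itself
    results["seal2_tampered"] = verify_seal(chain, 1)           # False: chain broken
    return results
```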
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
