On Thu, 23 May 2024, Philip Guenther wrote:
> There's a related, though much less general, attack that works even if you
> don't use the l= tag: on a message which has nested multiparts, there are
> multiple potential delimiters that will look legit to a MIME parser, so if
> you don't sign Content-Type** then an attacker can change the delimiter
> from the outermost to an inner delimiter and make it appear that the sender
> directly sent just that inner content, possibly resulting in
> misattribution.
>
> ** or don't over-sign and clients use the first found...
I would prefer not to go there. A message with two Content-Type headers
or two Subject headers or Date or Message-ID and so forth is not a valid
message, and a DKIM signer or validator should just say no.
Before anyone mentions the robustness principle, it says to be liberal
*where the spec is ambiguous*, which it is not here, and to be prepared
to recognize and reject garbage that doesn't meet the spec.
R's,
John
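
The check argued for above (refuse a message that repeats a single-instance header, and know whether Content-Type is covered by the signature's h= tag) can be done mechanically. This is an added example, not code from the thread or from any DKIM implementation; the function names and the sample message are constructed, and only the first DKIM-Signature header is examined.

```python
from collections import Counter
from email import message_from_string

# Fields RFC 5322 section 3.6 allows at most once, plus Content-Type,
# which the thread singles out. The set is a choice made for this example.
SINGLETON = {"date", "from", "sender", "reply-to", "to", "cc", "message-id",
             "in-reply-to", "references", "subject", "content-type"}

def duplicate_singletons(raw):
    """Return {field: count} for single-instance fields that occur more than once."""
    msg = message_from_string(raw)
    counts = Counter(name.lower() for name in msg.keys())
    return {f: n for f, n in counts.items() if f in SINGLETON and n > 1}

def signed_header_coverage(raw, field="content-type"):
    """Return (present, listed): instances of `field` in the message and in h=.

    listed == 0 means the field is unsigned; listed > present means it is
    over-signed, so an instance added after signing breaks verification.
    """
    msg = message_from_string(raw)
    present = len(msg.get_all(field, []))
    tags = {}
    for part in msg.get("DKIM-Signature", "").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            # Folding whitespace inside tag names and values is not significant.
            tags["".join(key.split())] = "".join(value.split())
    listed = [h.lower() for h in tags.get("h", "").split(":") if h]
    return present, listed.count(field.lower())

# Constructed sample: Content-Type appears twice and is absent from h=.
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel;\n"
    " h=from:to:subject:date:message-id; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: a@example.org\n"
    "To: b@example.net\n"
    "Subject: report\n"
    "Date: Thu, 23 May 2024 10:00:00 +0000\n"
    "Message-ID: <1@example.org>\n"
    'Content-Type: multipart/mixed; boundary="b1"\n'
    'Content-Type: multipart/mixed; boundary="b2"\n'
    "\n"
    "body\n"
)

if __name__ == "__main__":
    print(duplicate_singletons(SAMPLE), signed_header_coverage(SAMPLE))
```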