Dne 19. 08. 24 v 7:45 Murray S. Kucherawy napsal(a):
On Sun, Aug 18, 2024 at 10:18 PM Jan Dušátko <jan=
[email protected]> wrote:
I would like to correct to the "signed part of message is unchanged",
because of problematic length tag in DKIM-Signature header.
Are you observing widespread use of "l="? I seem to recall it had almost
completely fallen out of use.
As I recall, at the time of publication of RFC 6376, we debated removing it
but decided we couldn't because its use had not fallen to zero, but it was
pretty close.
Not sure, but I spend some time to eliminating abuse of that wrong
attribute.
Again, better to wrote if signed part of message has been altered. Anyone
can add anything after signed part, event. anyone can add a extensions in
case that you does not have signed appropriate mail headers.
If the signature verifies, a verifier can certainly tell that a message was
extended beyond the signed part, though it can't tell whether that was
added before or after signing. The implementation I did would tell you how
much was signed and left it to the consumer to decide what to do with that
information.
Based on my experience, I trying to enforce signing at the least those
attributes. Mostly attachments are not signet, which allow attacker to
manipulate with it. More, unsubscribe link could redirect approved
unsubscribe to malign and we can continue. I attached my minimum list,
any advice welcome:
From, To, CC, Sender, Reply-To, Subject, Message-Id, In-Reply-To,
References, Date, MIME-Version, Content-Type, Content-ID,
Content-Description, Content-Disposition, Content-Encoding, Precedence,
List-Unsubscribe
We discussed at some point the idea of providing MUAs with guidance about
how to display the signed part as different from the unsigned part, but
eventually backed away from giving any sort of general MUA advice like that.
-MSK
In my previous arguments about cryptography I forgot one important
thing. Some organization need to follow best practices or need to be
compliant with standards. DKIM standard could ignore other rules (ENISA,
NIST, ...), but that rules can also ignore DKIM standard. I have heard
few time simple question: In situation that DKIM does not follow
required security strength, could we still need to use it? Could we
ignore that technology? This is probably the most tough question which I
got. Because DKIM is not a silver bullet, but could raise a security
protection on higher level. Since October 2023 I have an answer, but how
long?
Regards
Jan
--
--
-- --- ----- -
Jan Dušátko
Tracker number: +420 602 427 840
e-mail:[email protected]
GPG:https://keys.dusatko.org/2E7D58B90FC2867C.asc
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
