Hector Santos wrote: > Suggested correction to TA: > > Add a new attack item: > > Inconsistent Signature vs. Policy Attacks > Impact: High > Likelihood: High > > If a new column "Detection/recovery" is added as suggested in a previous > TA review comment, then this would change to: > > Inconsistent Policy Attacks > Impact: Low > Likelihood: High > Detection/Recovery: High > > Background reasoning: > > Currently the SSP draft intent is to only apply SSP against messages > lacking a signature. If a valid signature is found, then SSP is not > necessary. [Note: if this understanding is incorrect, please correct > it.] > SSP is not necessary if a valid originating address signature is found. If the only valid signature(s) is/are third-party, it is still necessary to check SSP associated with the originating address. > Ironically, this SSP draft specification would present the highest and > more probable threats or occurrence of the DKIM/SSP proposal. By > following the draft specification, there will be many loopholes. > > Example loopholes: > > 1) A message is signed, but the SSP indicated a "o=." (No mail expected > from domain). > There has been a lot of discussion of "o=." but it's not actually in the current version of the SSP draft. I personally don't think it's really necessary. But that's probably a better topic for later.
> 2) A message is signed, but the first party domain has no declaration of > a signing policy. Currently, the SSP draft has no specification to > expose a "No signature expected" policy. Instead, the NXDOMAIN DNS > result for a SSP will result with a default o=~ policy (optional > signing by any party). > In the presence of a "no signature expected" policy, would a message with a valid signature be more suspicious than one without? But if no signature is expected, why would the OA domain have any keys published in the first place? > 3) A message is signed by a 3rd party, but the SSP indicated a o=! > policy where the original domain signature is required, and a 3rd > party signature is not expected but allowed to be present. > > Note: The o=! policy can be a defined a "near exclusive" policy, but > it is not an absolute exclusive policy consideration. > I'm afraid I don't follow this. > 4) Although there is no current SSP specified in the draft to declare an > optional original domain signature and no 3rd party signing expected > the policy exist for this scenario to occur. > > These signed mail "NO need for SSP" attacks should be consider to have a > high potential occurrence with direct attacks and indirect attacks. > > Direct attacks would be bad actor attempts to exploit compliant DKIM/SSP > systems. Indirect attacks would be bad actors attempts to exploit > non-compliant DKIM/SSP and rely in "social engineering" exploits. With > indirect attacks, bad actors will not emphasize on protocol correctness. > > These attacks can be detected if the SSP is checked against the domain > whether the message is signed or not. This will lower the risk, the > uncertainty of bad attack exploits and hence, lower the impact of these > high probably attacks > Sorry, I'm not following this either. It seems the threat has to do with receipt of signed messages when none should be expected. But isn't this addressed simply by not publishing any key records? -Jim _______________________________________________ ietf-dkim mailing list http://dkim.org
