Steve Atkins wrote: > If a signer uses l=0 (or, given MIME games that can > be played, any other l= value) then the only thing you can say > about any validly signed message from that sender is that > the subject line of the message is the same as the subject line > of a message that sender signed. I don't think that's a useful > level of protection for any use case. > > It means that I can, for example, take one copy of a service notice > from my bank, leave the headers the same and replace the URLs > in the body of the message to links to my website, then send it > out to a hundred thousand people - and it would be validly signed > by the bank. (The only user-visible content I wouldn't be able to > change is the subject line).
This sounds like a plausible and serious scenario. Even with l>0, it suggests a line of attack -- by adding malicious text that appears to be part of the bank notice. What is the counter-argument, in favor of retaining l= ? Is there any evidence it is being used? Is there any evidence it is treated usefully by receivers? d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
