On May 20, 2009, at 2:17 PM, Michael Thomas wrote:

> Steve Atkins wrote:
>> Why would you want to sign email as something you vouched for,
>> while still enabling anyone to replace the content of the email
>> with something else without invalidating that signature?
>
> You can't replace it; you can only append to it.

That's likely wrong, depending on the details of the l= usage.

Firstly, one expressed use case for l= is "l=0" - in other words, don't sign any of the body. In that case I can put any body content in there I like, and it'll still be validly signed.

Another use case is to use l= to sign a text part of an email, but not to sign an attachment. In that case I can obviously replace the attachment with my own content, but depending on the details of the email structure I may well be able to replace the text section as rendered to the user as well.

Another use case is to set l= to the entire length of the email as sent. This case is a little less nonsensical than the others (though the supposed benefit it offers is not clear). I can still append raw content. Depending on the structure of the email I may well be able to have that appended content displayed in place of the original content. This is harder to exploit such that you can entirely replace the original content than the other cases, but given multipart mime and html there's no way I'd say it's impossible.

(And, if we're talking phishing attacks, which is one of the supposed risks, then I can put a very effective phishing attack in just the footer of a message anyway - the place people expect to find "Contact Us" or "Log in to your account" or "Secure your access" links).

Cheers,
Steve

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
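The body-hash behaviour discussed in this message, as an added example that is not part of the original thread: it computes the DKIM body hash under "simple" canonicalization (RFC 6376) with and without l=, and reports how many body octets a signature leaves uncovered so a verifier can flag them. The function names and the sample bodies are constructed for illustration.

```python
import base64
import hashlib

def canon_simple(body: bytes) -> bytes:
    """RFC 6376 "simple" body canonicalization: drop trailing empty
    lines, then end the body with exactly one CRLF."""
    while body.endswith(b"\r\n"):
        body = body[:-2]
    return body + b"\r\n"

def body_hash(body: bytes, l=None) -> str:
    """Value a verifier compares with bh=: SHA-256 over the canonicalized
    body, truncated to l octets when the signature carries an l= tag."""
    canon = canon_simple(body)
    if l is not None:
        if l > len(canon):
            raise ValueError("l= exceeds body length; verification fails")
        canon = canon[:l]
    return base64.b64encode(hashlib.sha256(canon).digest()).decode()

def unsigned_octets(body: bytes, l=None) -> int:
    """Octets of the canonicalized body that the signature does not cover.
    Anything above zero is content the signer never vouched for."""
    if l is None:
        return 0
    return len(canon_simple(body)) - l

# Constructed sample bodies (assumptions, not taken from the thread).
ORIGINAL = b"Your statement is ready.\r\n"
APPENDED = ORIGINAL + b"Contact Us: http://example.invalid/\r\n"
L_FULL = len(canon_simple(ORIGINAL))  # l= set to the whole body as sent

if __name__ == "__main__":
    for name, body in (("original", ORIGINAL), ("appended", APPENDED)):
        print(name,
              "bh(l=full):", body_hash(body, L_FULL),
              "bh(l=0):", body_hash(body, 0),
              "bh(no l=):", body_hash(body),
              "unsigned octets:", unsigned_octets(body, L_FULL))
```

A receiver that wants the signature to mean "this is the body the signer sent" can treat any message with `unsigned_octets(...) > 0` as having an unsigned body portion.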
