On May 20, 2009, at 4:31 PM, Michael Thomas wrote:

> Steve Atkins wrote:
>> On May 20, 2009, at 3:57 PM, Michael Thomas wrote:
>>> Steve Atkins wrote:
>>>> Remember that we're considering the content of the message as
>>>> displayed to the end user here,
>>> No we're not. That has never been in the scope of the DKIM effort.
>> Even if it weren't section 8.1 of the existing RFC, it's pretty
>> obvious that a security issue that allows an attacker to create a
>> validly signed email with their own content without access to the
>> associated private key would be in scope for discussion.
>
> They cannot alter the signed text.

They can't alter the signed *bytes*. They *can* alter the signed text. That's the crux of the issue.

> That's all DKIM guarantees. It's
> not in DKIM's scope to tell mail receivers what to do with the
> message, signed text or otherwise. Stupid receivers are free as always
> to do stupid things. Smart receivers are free as always to do smart
> things. As is ever was.

Sure. The question is whether we want to have the spec encourage smart behavior or encourage stupid behavior. The existence of l= certainly allows stupid behavior, and probably encourages it.

Cheers,
  Steve

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
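Added example, not part of the original message or of any DKIM implementation: a receiver-side sketch of the signed-bytes versus displayed-text distinction argued above. It covers only the body hash under "simple" canonicalization with SHA-256; the function names, the `pass-partial` label and the sample bodies are assumptions made for illustration.

```python
import base64
import hashlib
from typing import Optional

def canon_simple(body: bytes) -> bytes:
    """'simple' body canonicalization: drop trailing empty lines, end with one CRLF."""
    while body.endswith(b"\r\n"):
        body = body[:-2]
    return body + b"\r\n"

def body_hash(body: bytes, l: Optional[int] = None) -> str:
    """Base64 SHA-256 over the canonicalized body, truncated to l bytes when l= is set."""
    data = canon_simple(body)
    if l is not None:
        if l > len(data):
            raise ValueError("l= exceeds the canonicalized body length")
        data = data[:l]
    return base64.b64encode(hashlib.sha256(data).digest()).decode()

def unsigned_tail(body: bytes, l: Optional[int]) -> bytes:
    """Bytes the recipient may see that the body hash never covered."""
    return b"" if l is None else canon_simple(body)[l:]

def verdict(body: bytes, bh: str, l: Optional[int] = None) -> str:
    """'fail', 'pass', or 'pass-partial' (local label: hash matches, unsigned bytes follow)."""
    try:
        if body_hash(body, l) != bh:
            return "fail"
    except ValueError:
        return "fail"
    return "pass-partial" if unsigned_tail(body, l) else "pass"

# Constructed sample data, not taken from any real message.
SIGNED_BODY = b"Your invoice is attached.\r\n"
APPENDED = b"[content appended after signing]\r\n"
RECEIVED_BODY = SIGNED_BODY + APPENDED
L = len(canon_simple(SIGNED_BODY))   # value the signer would put in l=
BH = body_hash(SIGNED_BODY, L)       # value the signer would put in bh=

if __name__ == "__main__":
    print(verdict(SIGNED_BODY, BH, L))    # pass
    print(verdict(RECEIVED_BODY, BH, L))  # pass-partial
    print(verdict(RECEIVED_BODY, body_hash(SIGNED_BODY)))  # fail
```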
