On 16/Sep/10 18:49, Murray S. Kucherawy wrote:
> From: [email protected] On Behalf Of Ian Eiloart
>
>> I don't think so. The original signature should only sign the
>> DKIM-required and From headers, and perhaps enough other headers
>> to reduce utility of replay attacks. Importantly, they should
>> only sign parts that are likely to be unbroken by the MLM, thus
>> satisfying ADSP requirements. However, the recipient knows that a
>> valid signature from the MLM is required, too. Thus, the original
>> DKIM signature is only valid for messages going through the list
>> - off list replay isn't possible. On-list replay can be limited
>> by ALSO including a full DKIM signature, for the list to check
>> before redistributing.
>
> I'm worried about that third sentence. If people are encouraged
> not to sign Subject:, for example, which is a popular display
> header field, one could spamify that field and re-send the
> message.

Yes, suppose I usually sign everything, except when the only recipient is [email protected]: in this case I only sign From: and Date:. One cannot replay a modified version of the message, because of the 2nd party joint signature. Thus one has to remove mipassoc.org's signature, and then she can compose any message, constrained only by the original From: and Date:. A third signed field,

   DKIM-Required: mipassoc.org

is meant to avoid exactly that.

> If you subscribe to the idea that a DKIM signature reflects a
> domain taking some responsibility for a message, I'd have a hard
> time not signing Subject: (or From:) for any reason.

Why? DKIM seeks to forbid modifications in order to avoid replaying.

On 16/Sep/10 13:05, MH Michael Hammer (5304) wrote:
> Ian, this makes no sense to me. If a signing domain is concerned enough
> to choose to implement ADSP, why would they reduce what they are signing
> to accommodate a small percentage of their mail going to MLMs that they
> may or may not be able to identify? I don't remove the locks on my doors
> because there is a possibility that someone might break one of my
> windows.
>
> I've said it before and I'll say it again. MLMs are the tail, not the
> dog. Don't wag the dog.

Messages can also be replayed as-is, for the sole purpose of gaming the author domain's reputation. DKIM can sign To: and Cc:, but not Bcc:, and then these are not tied to the actual recipients list. This wagging is about delimiting message streams, hence it's not necessarily tied to MLMs only.

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
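The header-coverage question argued in this thread (what a re-sender can change when Subject: or other fields are left out of the signature), as an added example that is not part of the original message: a Python check that reads the `h=` tag of a DKIM-Signature and classifies display fields by how they are covered. The field set, `example.org`, the sample messages and the `PLACEHOLDER` values are constructed assumptions, and no cryptographic verification is performed.

```python
# Added example: inspects header coverage only; it does not verify the signature.
from email import message_from_string

DISPLAY_FIELDS = ("from", "subject", "date", "to", "cc")  # assumed fields of interest

def signed_header_names(dkim_value):
    """Return the lowercase field names listed in the h= tag, in order."""
    for tag in dkim_value.split(";"):
        name, _, value = tag.partition("=")
        if name.strip() == "h":
            # Folding whitespace may surround the colons; field names contain none.
            return [n.lower() for n in "".join(value.split()).split(":") if n]
    return []

def coverage(raw_message, fields=DISPLAY_FIELDS):
    """Classify each field by what could change without invalidating
    the first DKIM-Signature found on the message."""
    msg = message_from_string(raw_message)
    signed = signed_header_names(msg.get("DKIM-Signature", ""))
    report = {}
    for field in fields:
        listed = signed.count(field)
        present = len(msg.get_all(field, []))
        if listed == 0:
            report[field] = "unsigned"         # may be altered or added freely
        elif listed > present:
            report[field] = "locked"           # listed more often than present
        else:
            report[field] = "signed, addable"  # an extra instance is not covered
    return report

# Constructed sample: only From: and Date: signed, as in the scenario above.
MINIMAL = """\
DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel;
 h=From:Date; bh=PLACEHOLDER=; b=PLACEHOLDER=
From: alice@example.org
Date: Thu, 16 Sep 2010 18:49:00 +0200
Subject: list question

body
"""

# Constructed sample: From: and Subject: listed twice, so a second copy breaks it.
FULL = MINIMAL.replace("h=From:Date;", "h=From:From:Subject:Subject:Date;")

if __name__ == "__main__":
    for label, sample in (("minimal", MINIMAL), ("full", FULL)):
        print(label, coverage(sample))
```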
