On 7/7/11 10:09 AM, Pete Resnick wrote:
> DKIM can only be "deployed to mount a
> variety of attacks" if the recipient has already made the fatal mistake
> of assuming that the existence of a cryptographically valid signature
> *means* that the message is reliable and from a known "good" sender.

Strongly disagree!

Security must consider what is meant by verification. The fact that a signature appears valid although _significant_ visible aspects of the message's author, subject, date, etc. can be altered represents a clear threat and a present danger in the verification process that also threatens policy layers such as ADSP!

Ensuring verification is not deceptive does not represent a layer violation. Expecting consumers of DKIM results to guess whether critical verification aspects were checked is a layer and a trust violation! A layer violation since DKIM MUST understand critical aspects of the verification process! A violation in trust since offering a verification pass for a message with multiple From header fields is clearly negligent.

Had the pre-pended exploit not been missed in the original threat review, the verification process would NOT have overlooked this serious failing. The expressed goal was to ensure subsequent processes not be DKIM "aware" for safe and incremental DKIM deployment.

While there are many ways a malefactor might attempt to deceive recipients, due to the verification flaw any false expectation that DKIM used by a phished domain offers protection places recipients in even greater peril. This may even invite the phishing that DKIM was intended to help mitigate. With this verification flaw, reputation CAN NOT offer protection when misapplied to grant acceptance of deceptive messages.

-Doug
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
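
Added example, not part of the original message or of any DKIM implementation: a receiver-side check that reports singleton header fields appearing more than once and which instances fall outside the signature's `h=` list, so a "pass" is not handed on for a message with multiple From fields. The function names, the sample message and its addresses are constructed for illustration; no cryptographic verification is performed here.

```python
from email import message_from_string

# Header fields that RFC 5322 allows at most once per message.
SINGLETONS = ("from", "sender", "reply-to", "to", "cc",
              "subject", "date", "message-id")


def parse_h_tag(dkim_signature_value):
    """Return the lowercased field names listed in the signature's h= tag."""
    for tag in dkim_signature_value.split(";"):
        name, _, value = tag.partition("=")
        if name.strip() == "h":
            return [f.strip().lower() for f in value.split(":") if f.strip()]
    return []


def unsigned_duplicates(raw_message):
    """Map each duplicated singleton field to the instances not covered by h=.

    Any key in the result means the message violates the one-instance limit;
    a non-empty list means those instances are outside the signature.
    """
    msg = message_from_string(raw_message)
    signed = parse_h_tag(msg.get("DKIM-Signature", ""))
    findings = {}
    for field in SINGLETONS:
        values = msg.get_all(field) or []
        if len(values) > 1:
            covered = signed.count(field)
            # DKIM selects instances from the bottom of the header block
            # upward, so the top-most instances are the uncovered ones.
            findings[field] = values[: max(len(values) - covered, 0)]
    return findings


# Constructed sample: one From field sits above the signature and is not
# among the instances that h=from:subject:date selects.
SAMPLE = (
    "From: Other <other@elsewhere.example>\r\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=sender.example; s=sel;\r\n"
    " h=from:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
    "From: someone@sender.example\r\n"
    "Subject: hello\r\n"
    "Date: Thu, 7 Jul 2011 10:09:00 -0700\r\n"
    "\r\n"
    "body\r\n"
)

if __name__ == "__main__":
    print(unsigned_duplicates(SAMPLE))
```

A receiver would run this check alongside signature verification and decline to report a pass whenever the result is non-empty.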
