> -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Charles Lindsey > Sent: Friday, July 08, 2011 3:52 AM > To: DKIM > Subject: Re: [ietf-dkim] Final update to 4871bis for working group review > > 1. The fact that DKIM choose headers to sign from the bottom up (for good > reason) facilitates certain attacks (not against DKIM, but certainly > against somone/something) needs to be drawn to the attention of > implementors of identity assessors, so that they can take appropriate > action.
That's not part of what DKIM tells an assessor, nor is the list of signed header fields, so I don't see why that would be a useful thing to highlight. For example, if a message contains two Subject: fields, the assessor doesn't know which was signed; could be neither. It still gets an SDID out of the verification and nothing more (possibly not even that if the signature failed). > 2. The fact that an attacker (whilst following DKIM to the letter) can use > it, in conjunction with duplicated headers, to add credence to his message > also needs to be drawn to their attention. Same answer. All you get is an SDID, if that. The credence you add to the content comes from what you do with that value. An assessor that gives a thumbs-up to any signed message without at least considering which SDID signed it is faulty. But how the assessor works is not in scope here. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
