On 8/20/2017 9:25 PM, Bron Gondwana wrote:

It is protected by the original DKIM-Signature. Message-Id is pretty
high on the recommended hashed header list.

But if the original DKIM signature was lost, all bets are off and
nothing else matters unless ARC is attempting to replace DKIM, which
you just illustrated it is quite easy to create alternate paths, even
when it's not all to the same final destination.

Right - so how exactly does that help, given that you've modified the
message since then?  You could easily change the message-id at the
same time.  If the original DKIM-Signature still passes then sure, you
can't modify anything.  But then you don't need ARC anyway.

If the DKIM signature allowed you to tell that some of the protected
headers were unchanged while allowing others to change, then it would
mean something - but the whole point of ARC is for when DKIM doesn't
validate any more, and if DKIM doesn't validate any more then the
message-id can be spoofed too.


Which brings us back to square one, the loss of the 1st party association with the author-domain and the signer-domain whose signature is broken. ARC needs to re-establish this association if it's going to grab the "security baton" from DKIM.

I presume the first seal is the association. Any other subsequent seal is beyond the author-domain understanding (unknown) other than it's expected to be a valid chain to the end which the receiver can verify.

So one way to mitigate the "Chain Trimming" problem is to a) reseal the message-id and b) provide insight into the expected final destination.

List servers are now resigning and not to beat on the proverbial dead horse, we don't have the 3rd party association to work with. ARC is trying to change that, I suppose.

DKIM supports the concept of user tags. I've explored this. You will notice in my isdg.net DKIM-signature, it will have an atps= tag:

 DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1;
 c=simple/relaxed; l=910; t=1503273855; atps=ietf.org; atpsh=sha1;

signifying the list domain, ietf.org, is the expected authorized resigner and can be trusted. As long as the original signature is valid, that tag can be used by the receiver to confirm the resigner. But that signature is lost.

I guess, overall, if ARC's reason to exist is because of loss of original signatures, and it has a trimming problem, then this should not be taken lightly. It will suggest there are several original DKIM hashed headers that need to be preserved in order to mitigate the potential issue.

--
HLS
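The tag-list format shared by the quoted DKIM-Signature and by ARC's seal headers, as an added example (this is not code from the thread or from any DKIM/ARC implementation): it reads the h= list to see which headers the signature actually hashes, picks up the atps= tag, and shows why trimming the tail of an ARC chain cannot be detected from instance numbers alone. All header values below are constructed; the isdg.net/ietf.org tags mirror the one quoted in the mail, the h=, bh=, b= and ARC-Seal values are placeholders.

```python
# Added example: parsing DKIM/ARC tag=value lists to check what a signature
# protects and whether an ARC chain is structurally complete.
import re

def parse_tags(value):
    """Parse a DKIM/ARC tag=value list (RFC 6376 tag-list) into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:                      # a tag value cannot contain ';'
            k, v = part.split("=", 1)        # keep '=' padding inside b=/bh=
            tags[k.strip()] = re.sub(r"\s+", "", v)  # folding whitespace is not significant
    return tags

def signed_headers(dkim_sig):
    """Lower-cased header names in the h= tag, i.e. the hashed headers."""
    return [h.lower() for h in parse_tags(dkim_sig).get("h", "").split(":") if h]

def protects(dkim_sig, header_name):
    """True if the signature covers header_name (only meaningful while it verifies)."""
    return header_name.lower() in signed_headers(dkim_sig)

def authorized_resigner(dkim_sig):
    """The atps= domain the signer advertised, or None if absent."""
    return parse_tags(dkim_sig).get("atps")

def arc_instances(arc_seals):
    """Sorted i= instance numbers of a list of ARC-Seal header values."""
    return sorted(int(parse_tags(s)["i"]) for s in arc_seals)

def chain_is_contiguous(arc_seals):
    """Structural check only: instances must run 1..n with no gap."""
    inst = arc_instances(arc_seals)
    return inst == list(range(1, len(inst) + 1))

# Constructed sample values (placeholders, not real signatures).
DKIM = ("v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=910; "
        "t=1503273855; atps=ietf.org; atpsh=sha1; "
        "h=From:To:Subject:Date:Message-Id; bh=PLACEHOLDER; b=PLACEHOLDER")
SEALS = ["i=1; a=rsa-sha256; cv=none; d=isdg.net; s=tms1; b=PLACEHOLDER",
         "i=2; a=rsa-sha256; cv=pass; d=ietf.org; s=list; b=PLACEHOLDER",
         "i=3; a=rsa-sha256; cv=pass; d=example.net; s=fwd; b=PLACEHOLDER"]

if __name__ == "__main__":
    print(protects(DKIM, "Message-Id"), authorized_resigner(DKIM))    # True ietf.org
    # Dropping the last set (the "chain trimming" case) still looks complete.
    print(chain_is_contiguous(SEALS), chain_is_contiguous(SEALS[:2]))  # True True
```

A gap in the middle of the chain is caught by the contiguity check, but a chain cut at its end is indistinguishable from a shorter honest chain, which is exactly why the mail argues the final destination needs to be carried in a sealed header.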


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
