No, replaying a message that happens to have a DKIM signature in it is
not what we're talking about when we refer to "DKIM replay". The
point of a DKIM replay attack is specifically to use a signature that
continues to validate in order to get false credibility.
Barry
On Wed, Jan 11, 2023 at 11:

On 1/11/2023 8:15 AM, Grant Taylor wrote:
I'd think that both are a replay. A signature that validates would be
a successful replay while a signature that fails is a failed replay.
But both are replays to me.
Remember, an attack doesn't need to succeed to be considered an attack.
If the D

On 1/11/23 6:54 AM, Dave Crocker wrote:
The thing that we should go out of our texts' way to make clear is that
DKIM Replay requires that the replay attack send mail that retains DKIM
/validation/. Not the mere reuse of the signature, but the continued
validity of that signature, for the messa

A discussion elsewhere surfaced a point of confusion about this topic.
On the average, when one person is unclear, so will others be.
The thing that we should go out of our texts' way to make clear is that
DKIM Replay requires that the replay attack send mail that retains DKIM
/validation/.