On 11/12/2016 22:50, Murray S. Kucherawy wrote:
> I've posted a draft that attempts to address an attack that's begun to
> appear with DKIM.  Interestingly, we called it out as a possible
> attack in RFC6376 and even RFC4871, but now it's apparently happening
> and being annoying enough that people (I believe from the MAAWG
> community) are asking if there's a protocol solution that's possible.
>
> https://datatracker.ietf.org/doc/draft-kucherawy-dkim-rcpts/
>
> Comments welcome.

Thanks for codifying this proposal, Murray.

So per Section 5, this form of DKIM signature will fail to verify at a
receiver who doesn't implement the new feature, period. And in fact any
forwarding - whether it alters the RFC5322 message or not - would
produce a DKIM verification failure at the next/final recipient.

The language in Section 5 paragraph 3 seems to cover envelope splitting.
Should this be expanded to address origin ADMD infrastructure such as
split signer/MTA, analogous to the note about split MTA/verifier at the
receiving ADMD in paragraph 4?

Are there any usage guidelines or recommendations about how and when to
use the new signing feature that I missed? For example, is there another
draft, or a thread in a different forum/list, that speaks to this? If it
doesn't exist, do we need to create one? (Ulp - did I just volunteer?)

I'd be curious to get feedback from folks who aren't enamored of ARC,
but understand the motivating abuse...

Thanks,
--Steve.


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
