I don't have a strong horse in this race. But I'll just chime in that from my perspective I was thinking of both of these as DKIM Replay. I have been calling any case where the DKIM signature is not broken and the spammer resends multiple copies as DKIM Replay.
On Fri, Jan 19, 2024 at 11:20 AM John Levine <jo...@taugh.com> wrote:

> It appears that Evan Burke <evan.s.bu...@gmail.com> said:
> >> Insisting on using the same term for these two different cases has an
> >> academic purity to it, but has already been demonstrated to be destructive
> >> in practical terms, because it creates confused discussion.
> >
> >No, that's exactly backwards. The oversigning case is a subset of the
> >general DKIM replay case, because mitigation techniques for general DKIM
> >replay - they do exist, though they are imperfect - also apply to cases
> >where header addition has taken place. Oversigning is a defense against the
> >subset of DKIM replay where headers have been added, but not the general
> >case.
>
> I think you've rather proved Dave's point. Resending the identical
> message and mutating a signed message with duplicate headers are
> different problems even though they have some technical overlap.
>
> I don't really care what people call them but it would be nice if they
> had different names so we don't have to use six round trip messages
> each time to figure out which one we're referring to.
>
> Pretty much everywhere except this mailing list "DKIM Replay" means
> the former, resending the identical message.
>
> R's,
> John
>
> _______________________________________________
> Ietf-dkim mailing list
> Ietf-dkim@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf-dkim