SM wrote:
Hi,
At 14:25 17-11-2005, Stephen Farrell wrote:
And can't the threats document (& later, whatever relevant spec) not
just say "don't do that" and thus avoid the problem?
The DKIM draft mentions:
"Under no circumstances should an unsigned header field be displayed
in any context that might be construed by the end user as having been
signed."
It could be extended further:
The "From:" header should not be signed if it contains more than one
sending address.
Exactly. Or whatever the correct variant might be e.g. I think
I'd prefer "don't sign at all if there's >1 From address" so that
we have fewer chances for verifier misinterpretation, but that
might be my security-and-not-email heritage coming to the fore.
Does anyone see such a statement as causing a problem? I could
imagine that moving from signing anything, to only signing some
mail messages might be either a good or a bad idea.
S.
_______________________________________________
ietf-dkim mailing list
http://dkim.org
