At 05:17 18-06-2008, John Levine wrote: >[ not about ADSP, about DKIM ] > >An acquaintance points out that one could prepend an extra From: or >Subject: header to a DKIM signed message, which wouldn't break the >signature, but would often be displayed by MUAs which show the new one >rather than the old one. Needless to say, that weakens the practical >benefit of DKIM for people with MUAs like that.
Yes. As you pointed out, the message would no longer be valid according to 2822. >My theory is that DKIM only applies to valid 2822 messages, and it's not a >substitute for a sanity check for all the screwy things one can send in a >non-conformant message. Perhaps it would be a good idea someday to >collect experience and advice into an implmentation guide, but other >than that, it's not our problem. Agreed? There is an implementation note about signing all end-user visible header fields. The topic of multiple From headers came up during a discussion about a DK implementation. It was suggested not to sign such messages. If I recall correctly, the test was also done in the DKIM implementation. At the verification stage, it's better to do a sanity check on the headers before verifying the signature and flag non-conformant messages. Regards, -sm _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html