I've removed Tim Polk from the Cc: list because he is not our sponsoring AD. Our sponsoring AD is already on this list.
> -----Original Message----- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] > On Behalf Of Ian Eiloart > Sent: Tuesday, October 05, 2010 5:15 AM > To: Hector Santos; ietf-dkim@mipassoc.org > Cc: Tim Polk > Subject: Re: [ietf-dkim] ISSUE: 4871bis - Security Loop hole with Multiple > 5322.From > > > It has been observed by implementations that is it possible to replay > > a message with a 2nd 5322.From header at the top which wouldn't break > > the DKIM signature validity, but would often be displayed by MUAs to > > display the new 5322.From display rather than the signature bound > > 5322.From header. > > Ouch. That's nasty. But wouldn't it be better to advise MUA vendors to > display the signed header? Are there really MUA's that will display the > unsigned headers *and* assert that it was validated? If so, that's > surely a bug in the implementation of the MUA. This is a non-issue for DKIM anyway. All of this work is predicated on an email that's properly formatted, and RFC5322 says a message with multiple From: headers is malformed. So this is not specifically an attack on DKIM. I don't think it's practical in DKIM to enumerate all the ways various malformations can cause misleading displays in an MUA. The MLM draft work included some chatter about some advice for MUA implementers. If and when that work is consolidated into a new document of some kind, this issue would be a good one to put there. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
