Charles Lindsey:
> > When the bad guy sends mail with (multiple) forged headers, the
> > best they can get is that naive mail programs render their forged
> > header with an indication that THE BAD GUY'S DKIM SIGNATURE VERIFIED.
> >
> > Sending forged headers with bad guy's DKIM signatures is not an
> > interesting attack on DKIM.
>
> On the contrary, it is an exceedingly interesting attack.
If you believe that sending mail with a valid bad guy signature is
an interesting attack on DKIM, then that implies that you're willing
to believe mail that is signed by arbitrary strangers. That is a
problem that DKIM is not designed to solve.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
