Re: [ietf-dkim] detecting header mutations after signing

Fri, 15 Oct 2010 10:28:28 -0700 

Steve,

I believe its about protocol consistency.  While the main focus is 
DKIM progress, its issues and resolutions are related to ADSP as well 
as its a WG product as well.

For example, ADSP implementations now know that they need to make 
there is only one 5322.From as well. Like most software, when it has a

      header = GetMailHeader("From:")

it is not expected to return a list of headers, but a single entry and 
that generally done by finding the first one.

In short, we have "marked this on the WG to-do" list for ADSP 
"updates" if any, and implementations now know what they need to add 
to their ADSP support.

Its all about synergism.  We can't just completely ignore it and then 
miss something that needs to be done later.

-- 
HLS

Steve Atkins wrote:
> On Oct 15, 2010, at 9:50 AM, Murray S. Kucherawy wrote:
> 
>>> -----Original Message-----
>>> From: ietf-dkim-boun...@mipassoc.org 
>>> [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Charles Lindsey
>>> Sent: Friday, October 15, 2010 7:30 AM
>>> To: DKIM
>>> Subject: Re: [ietf-dkim] detecting header mutations after signing
>>>
>>> And if we are not going to fix ADSP (yet), then the only way we can stop
>>> that particular exploit is to fix DKIM.
>>>
>>> Arguing that "ADSP is a completely separate discussion" will achieve
>>> nothing.
>> If that's consensus, then we're on the slippery slope of "fixing" DKIM to 
>> deal with flaws at all layers above it.  And we'll never be done.
> 
> +1.
> 
> Any bug fixes for ADSP need to be done at the ADSP level.
> 
> If there's a bug that needs fixing at the DKIM level then if
> should be something that clearly needs fixing based on
> DKIM usage. (And I think that the very narrow case of
> messages that violate 5322 through multiple headers
> *may* be such, but any justification of that relying on ADSP
> isn't helpful).
> 
> Cheers,
>   Steve
> 
> 
> _______________________________________________
> NOTE WELL: This list operates according to 
> http://mipassoc.org/dkim/ietf-list-rules.html
> 
> 




_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Reply via email to