On Oct 15, 2010, at 7:13 PM, John Levine wrote: >> In this case, we've gone to some lengths to make the environment >> pure, by using the underscore branch. And then along come these >> pesky wildcards. > > Even without wildcards, there's been a variety of broken key records. > > I would hope it would be obvious that you have to assume that any data > you haven't previously verified is potentially hostile, either > deliberately or by mistake. This refers to DNS keys, DKIM signatures, > and the message you're trying to sign or verify. > > By the way, has everyone tested their signing code to see what happens > if there's no From: header at all? Do we even agree what the right > thing is?
h=From with no From header is fairly well defined, I think. The message will be signed, and that signature will validate just fine, unless something in the message is modified - such as adding a From: field. > I'd think it'd be approximately the same as if the private > signing key (the only other mandatory input I can think of at the > moment) wasn't present. If it fails, it's broken, I think. There's nothing special about the >From field, other than it having to be one of the signed headers. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html