On Wed, 06 Jul 2011 21:51:49 +0100, Hector Santos <hsan...@isdg.net> wrote:
> My only comment is that we are making way too much out of this.
>
> DKIM requires a From: hashing a minimum requirement and since RFC5322
> only one there are two basic fundamental rules, together called the
> One From DKIM Rule:
>
> One From DKIM Rule:
>
>   Verify - DKIM must only see one From when verifying. If multiple
>   From: headers are found, the message is automatically invalid
>   from a valid DKIM signature standpoint.
>
>   Signing - DKIM must only see one From when signing. If multiple
>   From: headers are found, the message is automatically invalid for
>   a DKIM signature standpoint. In other words, it MUST NOT
>   continue and sign the message.
>

I agree with the above entirely, and have proposed such wordings many times. But unfortunately the consensus of the WG has been to not include such wordings.

> Dealing with Exploits:
>
> For the most part, we are dealing with injection of additional From:
> header(s) in an already signed message. DKIM implementations
> following the One From DKIM Rule, will mitigate this problem.

No, I think my first scenario, where the attacker signs on behalf of his throwaway domain, will turn out to be the more common attack, if we do not fix this problem.

--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: c...@clerew.man.ac.uk
Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
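
The One From DKIM Rule quoted above, expressed as a pre-check run before signing or verifying. This is an added example, not code from either poster or from any DKIM implementation; the function names, sample messages and domains are constructed, and failing on zero From: fields as well as on several is this example's assumption, based on RFC 5322 requiring exactly one.

```python
from email import message_from_bytes
from email.policy import compat32

# Constructed sample: a signed message (signature values are placeholders).
SIGNED = (
    b"DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel;\r\n"
    b"\th=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
    b"From: Alice <alice@example.org>\r\n"
    b"To: bob@example.net\r\n"
    b"Subject: hello\r\n"
    b"\r\n"
    b"From: this line is body text, not a header field\r\n"
)
# Constructed sample: an additional From: added to the already signed message.
INJECTED = b"FROM: Billing <billing@bank.example>\r\n" + SIGNED
# Constructed sample: two From: fields under a signature from another domain.
THROWAWAY = (
    b"DKIM-Signature: v=1; a=rsa-sha256; d=throwaway.example; s=sel;\r\n"
    b"\th=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
    b"From: Billing <billing@bank.example>\r\n"
    b"From: x@throwaway.example\r\n"
    b"To: bob@example.net\r\n\r\nbody\r\n"
)


def from_fields(raw: bytes) -> list[str]:
    """Return every From: field in the header block.

    The parser matches field names case-insensitively, unfolds continuation
    lines and stops at the blank line, so body text is never counted.
    """
    msg = message_from_bytes(raw, policy=compat32)
    return [" ".join(str(v).split()) for v in msg.get_all("From", [])]


def one_from_rule(raw: bytes, stage: str) -> tuple[bool, str]:
    """Apply the rule for stage 'sign' or 'verify'; return (proceed, reason)."""
    if stage not in ("sign", "verify"):
        raise ValueError("stage must be 'sign' or 'verify'")
    found = from_fields(raw)
    if len(found) == 1:
        return True, "one From: field"
    # Assumption of this example: zero From: fields fails too (RFC 5322).
    action = "refuse to sign" if stage == "sign" else "treat signature as invalid"
    return False, f"{len(found)} From: fields, {action}"


if __name__ == "__main__":
    for name, raw in (("signed", SIGNED), ("injected", INJECTED), ("throwaway", THROWAWAY)):
        print(name, one_from_rule(raw, "verify"))
```
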