Murray argued that singleton header checks to qualify DKIM signatures
violate protocol layering. SMTP messages are exchanged in two parts, a
header and a body section. The header section should conform with
RFC5322, and the body should conform with RFC2045. RFC2047 and RFC2231
define header encoding for non-US-ASCII repertoire using US-ASCII, and
RFC1652 relaxes restrictions on the body.

Section 6.4 of RFC5321 makes it clear that non-compliance with RFC5322
occurs, and that there is no consensus whether to reject, repair, or
accept such messages. RFC1847 (Security Multiparts for MIME), RFC4880
(PGP), or RFC3851 (S/MIME) authenticates the source and integrity of the
message body, whereas DKIM retains the integrity of trusted portions of
the header section, specifically the From header field, and perhaps others.

Whenever message acceptance is based upon valid DKIM signatures by
trusted domains, defeating trivial exploitation of DKIM's bottom-up
header selection requires exclusion of multiple singleton header fields
from being considered as having valid DKIM signatures. Otherwise, this
would permit inappropriate header fields to be conveyed using top-down
selections. It is imperative that DKIM's verification process defeat
such exploits, since DKIM does not assume applications conveying the
header section are DKIM-aware.

Expecting consumers of DKIM results to re-evaluate the header section
eliminates DKIM's value proposition. Recommending subsequent checks for
multiple singleton headers represents poor protocol layering, since this
would expect consumers of DKIM results to recheck the header section
being associated with a DKIM domain.
-Doug
___
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
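
The check argued for in the message above, as an added example that is not part of the original post or of any DKIM implementation: it shows which header instances the bottom-up selection covers, which instance a top-down reader sees, and a verifier that refuses a passing result when an RFC 5322 singleton field repeats. The function names, the sample message, and the assumption that a non-DKIM-aware consumer reads the first instance are illustrative; cryptographic verification is assumed to happen elsewhere and is passed in as `crypto_ok`.

```python
import re
from collections import Counter

# RFC 5322 section 3.6: header fields that may appear at most once.
SINGLETONS = {"date", "from", "sender", "reply-to", "to", "cc", "bcc",
              "message-id", "in-reply-to", "references", "subject"}

def parse_fields(header_section):
    """Unfold the header section and return [(name, value)] in top-down order."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", header_section)
    fields = []
    for line in unfolded.splitlines():
        if not line:
            break  # empty line ends the header section
        name, _, value = line.partition(":")
        fields.append((name.strip().lower(), value.strip()))
    return fields

def bottom_up_selection(fields, h_names):
    """Indices covered by the signature: for each h= name, the lowest unused instance."""
    used, picked = set(), []
    for name in h_names:
        for i in range(len(fields) - 1, -1, -1):
            if fields[i][0] == name.lower() and i not in used:
                used.add(i)
                picked.append(i)
                break
    return picked

def top_down_index(fields, name):
    """Assumption: a consumer that is not DKIM-aware reads the first instance."""
    return next(i for i, (n, _) in enumerate(fields) if n == name)

def duplicated_singletons(fields):
    counts = Counter(name for name, _ in fields)
    return sorted(n for n in SINGLETONS if counts[n] > 1)

def qualify_signature(fields, crypto_ok):
    """Report 'pass' only if the crypto check passed and no singleton repeats."""
    dups = duplicated_singletons(fields)
    return ("pass" if crypto_ok and not dups else "fail"), dups

# Constructed sample: the lower From is the signed one; the upper From is extra.
SAMPLE = ("From: Someone Else <other@example.net>\r\n"
          "DKIM-Signature: v=1; d=example.com; h=from:subject;\r\n"
          "\tbh=PLACEHOLDER; b=PLACEHOLDER\r\n"
          "From: Signer <user@example.com>\r\n"
          "Subject: constructed sample\r\n\r\n")
```
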