Re: [Ietf-dkim] Replay Attack vs. something else

2023-03-23 Thread Dave Crocker
On 3/23/2023 10:00 AM, Alessandro Vesely wrote: So, for example, anything depending on 're-signing' is not a DKIM Replay Attack. Right, except that re-signing can be (part of) a solution to the problem. The 'except' is not an 'except', because your point does not counter or qualify the

Re: [Ietf-dkim] Replay Attack vs. something else

2023-03-23 Thread Alessandro Vesely
On Thu 23/Mar/2023 01:21:55 +0100 Dave Crocker wrote: My understanding is that the term DKIM Replay Attack refers to a very specific scenario. The scenario is re-posting a message such that the original DKIM signature remains valid. Any other sort of re-posting does not qualify, under

Re: [Ietf-dkim] Replay Attack vs. something else

2023-03-22 Thread Michael Thomas
On 3/22/23 6:00 PM, Scott Kitterman wrote: That's my understanding, however that scenario also describes a normal mailing list if it doesn't make modifications that break an existing DKIM signature or any kind of forwarding with similar characteristics. The issue has little to do with the

Re: [Ietf-dkim] Replay Attack vs. something else

2023-03-22 Thread Dave Crocker
On Wednesday, March 22, 2023 8:21:55 PM EDT Dave Crocker wrote: The scenario is re-posting a message such that the original DKIM signature remains valid. Any other sort of re-posting does not qualify, under this definition. So, for example, anything depending on 're-signing' is not a

Re: [Ietf-dkim] Replay Attack vs. something else

2023-03-22 Thread Scott Kitterman
On Wednesday, March 22, 2023 8:21:55 PM EDT Dave Crocker wrote:
> My understanding is that the term DKIM Replay Attack refers to a very
> specific scenario.
>
> The scenario is re-posting a message such that the original DKIM
> signature remains valid.
>
> Any other sort of re-posting

[Ietf-dkim] Replay Attack vs. something else

2023-03-22 Thread Dave Crocker
My understanding is that the term DKIM Replay Attack refers to a very specific scenario. The scenario is re-posting a message such that the original DKIM signature remains valid. Any other sort of re-posting does not qualify, under this definition. So, for example, anything depending on