
Re: Spoofing revisited

On Wed, 27 Jul 2005, Earl Hood wrote:

 DKIM-Signature: a=rsa-sha1; s=whatever; d=ispoofyou.org;
       c=simple; q=dns;
       h=Received : From : To : Subject : Date : Message-ID;
       b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSbav+yuU4zGeeruD00lszZ
         VoG4ZHRNiYzR;
 Received: from 10.2.3.4-example.com  [10.2.3.4]
       by submitserver.example.com with SUBMISSION;
       Fri, 11 Jul 2003 21:01:54 -0700 (PDT)
 From: Joe User <joe.user@xxxxxxxxxxx>
 To: Suzie Q <suzie@xxxxxxxxxxxxxxxxxxxx>
 Subject: I need your help?
 Date: Fri, 11 Jul 2003 21:00:37 -0700 (PDT)
 Message-ID: <20030712040037.46341.5F8J@xxxxxxxxxxx>

...

In the example, the i= is a sub-domain of d=, but the From is
of a different domain (and what is displayed by MUAs).

Actually there is no "i" in the above example. But your point that the signature verifier needs to know what identity is being authorized is correct. In META-Signatures I addressed this with an explicit declaration of identity, i.e. an "id=from s=ispoofyou.org;" section would not produce a valid signature result if the header is "From: joe.user@xxxxxxxxxxx".

--
William Leibzon
Elan Networks
william@xxxxxxxx
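As an added illustration of the alignment problem this exchange is about (example code written for this page, not code from the thread, from DKIM or from META-Signatures): a small verifier-side check that parses the quoted DKIM-Signature tags, derives the identity the signature vouches for (i= if present, otherwise @d=, the default later codified in RFC 6376), and compares it with the From domain that MUAs display. The sample message and its example.net address are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the headers quoted in the thread; the list
# archive obfuscated the real addresses, so example.net stands in for them.
SAMPLE = """DKIM-Signature: a=rsa-sha1; s=whatever; d=ispoofyou.org;
      c=simple; q=dns;
      h=Received : From : To : Subject : Date : Message-ID;
      b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSbav+yuU4zGeeruD00lszZ
        VoG4ZHRNiYzR;
From: Joe User <joe.user@example.net>
Subject: I need your help?

body
"""

def parse_dkim_tags(value):
    """Split a DKIM-Signature value into a tag->value dict, dropping folding whitespace."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = re.sub(r"\s+", "", v)
    return tags

def signing_identity(tags):
    """i= if present, else '@' + d= (the default RFC 6376 later codified)."""
    return tags.get("i") or "@" + tags.get("d", "")

def from_matches_signer(raw_message):
    """Return (aligned, reason). Aligned only when the From domain equals the
    signing identity's domain or is a sub-domain of it."""
    msg = message_from_string(raw_message)
    sig = msg.get("DKIM-Signature")
    if sig is None:
        return False, "no DKIM-Signature header"
    tags = parse_dkim_tags(sig)
    if not tags.get("d"):
        return False, "signature has no d= tag"
    ident = signing_identity(tags)
    ident_domain = ident.rsplit("@", 1)[-1].lower()
    from_addr = parseaddr(msg.get("From", ""))[1]
    if "@" not in from_addr:
        return False, "no usable From address"
    from_domain = from_addr.rsplit("@", 1)[-1].lower()
    if from_domain == ident_domain or from_domain.endswith("." + ident_domain):
        return True, f"From {from_domain} aligns with signer {ident}"
    return False, f"From {from_domain} does not align with signer {ident}"
```

On the quoted message the check reports a mismatch (signer ispoofyou.org, From example.net), which is exactly the case a verifier cannot resolve from the cryptographic result alone.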