Address->Mail signing, multiple signatures

Brian Candler B.Candler at pobox.com
Fri Feb 27 12:40:53 GMT 2004


On Wed, Feb 25, 2004 at 01:54:12PM +0000, David Woodhouse wrote:
> So you start off with a mail which looks like this:
> 
> --------------
> 
> Resent-From: Joe <engineer at company.com>
> Resent-To: Sleuth <reporter at news.org>
> Resent-Message-Id: <102 at server.company.com>
> Resent-Date: Tue, 24 Feb 2004 11:30:02 +0000
> From: Fred <boss at company.com>
> Sender: Jane <secretary at company.com>
> Message-ID: <101 at server.company.com>
> To: Staff <all at company.com>
> Date: Mon, 23 Feb 2004 14:20:34 +0000
> 
> You're all going to be fired new week. Sucks to be you.
> 
> --
> Fred.
> 
> This mail was checked for viruses by some company's free advert.
> 
> --------------
> 
> If it were signed by Fred, as the author, he'd not have known the
> Message-Id or Date.

Why not? Those are headers added by the MUA.

> Only the content can he authorised. But he'd have
> added these headers (don't argue about names):
> 
> X-Auth-1-Pubkey: aaaabbbbccccdddd
> X-Auth-2-hash-content: 3,3d58b23a,hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh

Why would you put a pubkey identifier in? I thought the point was that you
would have to refer back to the DNS to find the public key.

> The only vaguely interesting bit is how we make the hash resilient --
> and I think the rolling checksum to find N lines within the body does
> that OK. 

I remain to be convinced; I think unless an MUA is aware of this signing
protocol, and is prepared to highlight the signed part in green and the
unsigned part in flashing red, then it's a weakness which is far too easy to
exploit.

> You take each MIME part separately if it's a MIME mail. Do the fuzzy
> hash thing only on text parts -- after un-base64-encoding if appropriate
> and converting to UTF-8. Other parts you just do a straight signature
> without screwing about.

S/MIME probably has something to say about how to handle MIME parts. The
only transformations you can expect to have occurred is likely
Content-Transfer-Encoding (some MTAs do this, e.g. courier); I wonder if any
MTA would attempt a character set transformation? Sounds like a dubious
thing to do.

Regards,

Brian.
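As an added illustration of the two points argued above (not code from either poster): a line-based content hash that survives a scanner footer being appended, and a verifier that reports exactly which lines fall outside the signed span so an MUA can show them differently. The header format, the CRC32 line anchor standing in for the rolling checksum, and the sample bodies are all assumptions; the public-key signature over the header is left out.

```python
import hashlib
import zlib

# Constructed sample bodies: Fred's mail as his MUA signed it, and the copy
# that arrived after a virus scanner appended its advert footer.
ORIGINAL_BODY = "You're all going to be fired next week. Sucks to be you.\r\n\r\n--\r\nFred.\r\n"
RECEIVED_BODY = ORIGINAL_BODY + "\r\nThis mail was checked for viruses by some company's free advert.\r\n"

def canonical_lines(body):
    """Normalise CRLF/LF and trailing whitespace and drop blank lines, the
    things MTAs and scanners most often add or change."""
    lines = [ln.rstrip() for ln in body.replace("\r\n", "\n").split("\n")]
    return [ln for ln in lines if ln]

def line_checksum(line):
    """Cheap per-line checksum used to locate the signed span (assumed format)."""
    return "%08x" % zlib.crc32(line.encode("utf-8"))

def sign_content(body):
    """Produce a hypothetical X-Auth-2-hash-content value:
    '<N>,<crc32 of first signed line>,<sha256 over the N signed lines>'."""
    lines = canonical_lines(body)
    digest = hashlib.sha256("\n".join(lines).encode("utf-8")).hexdigest()
    return "%d,%s,%s" % (len(lines), line_checksum(lines[0]), digest)

def verify_content(body, header):
    """Find the signed span inside a possibly modified body and report which
    lines it covers; everything else is unsigned and an MUA must show it so."""
    n, anchor, digest = header.split(",")
    n = int(n)
    lines = canonical_lines(body)
    for start, ln in enumerate(lines):
        if line_checksum(ln) != anchor:
            continue  # not the first signed line, keep scanning
        span = lines[start:start + n]
        if hashlib.sha256("\n".join(span).encode("utf-8")).hexdigest() == digest:
            return {"valid": True, "signed": span,
                    "unsigned": lines[:start] + lines[start + n:]}
    return {"valid": False, "signed": [], "unsigned": lines}

if __name__ == "__main__":
    result = verify_content(RECEIVED_BODY, sign_content(ORIGINAL_BODY))
    print("signature valid:", result["valid"])
    for ln in result["unsigned"]:
        print("UNSIGNED:", ln)
```

The footer verifies as unsigned rather than breaking the signature, which is the resilience David wants; it also shows why the MUA must display the split, since any other appended text would be reported the same way.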
