Posted Jun 22, 2006 11:03 UTC (Thu) by dd9jn
Parent article: Domain Keys for email sender authentication
DKIM is in principle the right solution. Signing the entire mail, and not just the headers or some of them, makes it possible to actually check for good or bad content.
The problem is that they try to reinvent the wheel from scratch. Instead of using established and well-matured digital signing protocols like S/MIME or OpenPGP, they came up with an entirely new protocol. This DKIM protocol has a long way to go before it will be useful and can't be abused.
For example, their canonicalization rules are very complicated. As they stand now, they allow the mail to be modified by injecting new content and changing the existing MIME content invisibly. It will be easy for spammers to take existing validly signed DKIM messages as a template, insert their cruft and resend them to the world. Verification according to DKIM rules will show a valid and authentic message :-(.
FWIW, with gpg 1.4.3 we are experimenting with a system called PKA which does exactly the same as DKIM but uses OpenPGP and may also be used for S/MIME.
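As an added illustration of the "take a signed message as a template, append cruft and resend" concern raised in the comment above, the following Python models only the body-hash part of a DKIM signature (the bh= tag) together with the optional body-length tag l=, using the relaxed body canonicalization as later standardized in RFC 6376. It is example code written for this page, not code from the comment's author, from the DKIM drafts or from GnuPG, and the message body and the appended spam text are constructed samples. The RSA signature over the headers is deliberately not modelled; the point shown is that when a signer sets l= to the length of the body it signed, any octets appended after that point are outside the hash and verification still succeeds, whereas omitting l= makes the same append fail.

```python
import base64
import hashlib
import hmac
import re
from typing import Optional

# Constructed sample body (not taken from the original page).
ORIGINAL_BODY = (
    b"Hi Bob,\r\n"
    b"\r\n"
    b"Please review the   attached   report.\t\r\n"
    b"\r\n"
    b"-- Alice\r\n"
)

# Constructed text an attacker appends after the signed portion.
INJECTED_TAIL = (
    b"\r\n"
    b"=======================================\r\n"
    b"CHEAP PILLS!!! http://example.invalid/\r\n"
)


def relaxed_body_canon(body: bytes) -> bytes:
    """DKIM 'relaxed' body canonicalization (RFC 6376, section 3.4.4):
    collapse runs of whitespace, strip trailing whitespace per line,
    drop trailing empty lines and end the result with a single CRLF."""
    out = []
    for line in body.split(b"\r\n"):
        line = re.sub(rb"[ \t]+", b" ", line)   # collapse WSP runs
        out.append(line.rstrip(b" \t"))         # drop trailing WSP
    while out and out[-1] == b"":               # drop trailing empty lines
        out.pop()
    return b"\r\n".join(out) + b"\r\n" if out else b""


def body_hash(body: bytes, length: Optional[int] = None) -> str:
    """Base64 'bh=' value over the canonical body. `length` plays the
    role of the l= tag: only the first `length` octets are hashed."""
    canon = relaxed_body_canon(body)
    if length is not None:
        canon = canon[:length]
    return base64.b64encode(hashlib.sha256(canon).digest()).decode("ascii")


def sign_body(body: bytes, use_length_tag: bool) -> dict:
    """Body-related tags of a DKIM-Signature header (bh= and optional l=).
    Only these tags are modelled; the header signature is out of scope."""
    tags = {"c": "relaxed/relaxed", "bh": body_hash(body)}
    if use_length_tag:
        tags["l"] = str(len(relaxed_body_canon(body)))
    return tags


def verify_body(body: bytes, tags: dict) -> bool:
    """Verifier's side: recompute bh= over the received body, honouring
    l= exactly as a DKIM verifier must, and compare in constant time."""
    length = int(tags["l"]) if "l" in tags else None
    return hmac.compare_digest(body_hash(body, length), tags["bh"])


def unsigned_tail(body: bytes, tags: dict) -> bytes:
    """Octets of the canonical body that the signature does not cover.
    A verifier that wants to avoid the append trick should treat a
    non-empty result as untrusted content, not as part of the signed mail."""
    if "l" not in tags:
        return b""
    return relaxed_body_canon(body)[int(tags["l"]):]


def demo() -> dict:
    """Sign the original body with and without l=, then append spam."""
    tampered = ORIGINAL_BODY + INJECTED_TAIL
    with_l = sign_body(ORIGINAL_BODY, use_length_tag=True)
    without_l = sign_body(ORIGINAL_BODY, use_length_tag=False)
    return {
        "original_verifies": verify_body(ORIGINAL_BODY, with_l),
        "tampered_verifies_with_l": verify_body(tampered, with_l),
        "tampered_verifies_without_l": verify_body(tampered, without_l),
        "unsigned_tail": unsigned_tail(tampered, with_l),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The practical check that follows from this is on the verifier's side: a DKIM verifier that honours l= should either refuse to treat the unsigned tail as authenticated content or ignore l= altogether, since a valid signature over a prefix says nothing about what a relay or spammer appended afterwards.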