RFC 6376, "DomainKeys Identified Mail (DKIM) Signatures", September 2011

Note: This RFC has been updated by RFC 8301, RFC 8463, RFC 8553, RFC 8616

Errata ID: 6769
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Ale Vesely
Date Reported: 2021-12-01
Held for Document Update by: Murray Kucherawy
Date Held: 2021-12-02

Section 8.2 says:

An example of such an attack includes altering the MIME structure,
exploiting lax HTML parsing in the MUA, and defeating duplicate
message detection algorithms.

It should say:

In case of MIME structures, the value of l= should cover all of the
body, including the terminating boundary and the epilogue, so that
altering the structure is not feasible.  In any case, if l= is set and
Content-Type is not signed, an attacker can replace it with a multipart
type and thus relegate the original body to the role of a MIME preamble.

Notes:

Duplicate message detection algorithms should consider Message-ID. When they compare the body, they should be sophisticated enough to recognize specific key fields, for example to avoid accumulating duplicate values of financial transactions.

Report New Errata