The email authentication protocol DomainKeys Identified Mail, aka DKIM, is winding its way through the standards track, and seems to be the future of email authentication. Recently, a lone voice, a security researcher with Trend Micro, seemingly upset at being sidelined during various industry association and standards track discussions, has taken a specific concern public. He's gone so far to label DKIM an "evil protocol," because of a possible exploit he has identified. 

Problem is, this hack supposedly exploits a "potential hole" that is not even open, by most measures. This involves taking a legitimate message and adding another from address to that message, fooling recipients into perhaps looking at, and believing, the wrong from header. Problem is, an email message with multiple from addresses is already prohibited under the current SMTP specification (which is currently RFC5322, a descendant of RFC822). Messages composed in this manner are already heavily filtered and not trusted. It really has little to do with DKIM or email authentication. 

Not only is this much ado about nothing, but I believe that Trend Micro's unwarranted hyperbole on the topic is harmful. And I'm not the only one who thinks so. Software engineer Barry Leiba calls Trend Micro's warning "severely flawed," "laughable," and "ridiculous." 

Dave Crocker, the author of RFC822, many other RFCs, and longtime participant in multiple anti-abuse and standards track forums and organization, agrees. He says that "the blog's description of the facts, its premise about the requirements, and its apparent understanding of DKIM's functionality all suffer from basic flaws." 

In short: Nothing to see here-- move along.

Post a Comment