3

DKIM has the ability to sign headers on a per-header basis. I looked at Google's headers, and they DKIM sign ContentType.

What is the security benefit of signing ContentType?

makerofthings7

1 Answer

2

It obviously has higher security, because some formats can be interpreted in other ways as other formats.

This is a pretty "stupid" example, which requires cooperation of the signer, but take this: If you concatenate a ZIP file (Content-Type: application/zip) with a GIF file (Content-Type: image/gif), the ZIP file will be the one presented when using Content-Type: application/zip, and the image will be the one presented when using Content-Type: image/gif. Concatenating zip+gif will result in a multiformat file, because ZIP files have their header at the end of the file, and anything before that is ignored. GIF files have their headers at the beginning, and anything after is ignored.

Let's say you fraudulently make a signer sign such a concatenated file. You could then fool the receiver into believing that the signer sent him the GIF file, when he in fact sent the ZIP file (or vice versa), if you were in a position to intercept and modify the email after it has been signed.

Note that there are other formats (like docx and pptx and such) that can be interpreted in other ways if the Content-Type is changed.

So in short, it enhances security - but not that much.
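An added example (my code, not the answerer's) that builds the gif+zip concatenation described above and shows the receiver-side check that makes signing Content-Type worthwhile: the same bytes parse as a GIF and as a ZIP, so an attachment whose declared type is not the only format its bytes match should be flagged. The GIF bytes are a constructed header-level sample and `note.txt` is a made-up member name.

```python
import io
import zipfile

# Constructed sample: a minimal 1x1 GIF (header, image descriptor, data, trailer).
MINIMAL_GIF = (
    b"GIF89a" + b"\x01\x00\x01\x00\x00\x00\x00"      # signature + logical screen descriptor
    + b"\x2c\x00\x00\x00\x00\x01\x00\x01\x00\x00"    # image descriptor
    + b"\x02\x02\x44\x01\x00"                        # LZW min code size + one data sub-block
    + b"\x3b"                                        # GIF trailer
)


def build_zip(member_name: str, payload: bytes) -> bytes:
    """Return a small ZIP archive containing one stored member (constructed input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(member_name, payload)
    return buf.getvalue()


def detect_formats(data: bytes) -> set:
    """Every format these bytes would be accepted as, independent of the declared type."""
    found = set()
    # GIF readers key off the signature at the start and stop at the trailer.
    if data.startswith((b"GIF87a", b"GIF89a")):
        found.add("image/gif")
    # ZIP readers locate the end-of-central-directory record at the end, so a
    # GIF prefix is simply skipped; is_zipfile() performs that same scan.
    if zipfile.is_zipfile(io.BytesIO(data)):
        found.add("application/zip")
    return found


def read_zip_member(data: bytes, member_name: str) -> bytes:
    """What a ZIP-based reader extracts from the bytes (works despite a GIF prefix)."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return zf.read(member_name)


def is_ambiguous(data: bytes) -> bool:
    """True when the bytes parse as more than one format (a polyglot)."""
    return len(detect_formats(data)) > 1


def matches_declared_type(declared_content_type: str, data: bytes) -> bool:
    """Receiver-side check: the declared type must be the only format the bytes match."""
    return detect_formats(data) == {declared_content_type}
```

On the concatenated sample, `is_ambiguous()` is true and `matches_declared_type()` fails for both "image/gif" and "application/zip", which is exactly the case an unsigned Content-Type header would let an intermediary flip.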