[ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)
Michael Thomas
mike at mtcc.com
Tue Aug 9 17:33:42 PDT 2005
Eric Allman wrote:
> I'm not sure that we aren't in agreement here. But I'm also not sure
> that we are.
>
> The granularity of the identity is (potentially) per user.
Yes. This what I believed to be incorrect in Dave's statement.
> But the
> granularity of the signer is per-selector.
Yes, which is under the control of the domain, not the
individual user (unlike PGP/SMIME).
> Thus, the identity in i= is
> really a statement by the domain that "I have good reason to believe
> that this is the responsible party" --- and "good reason to believe" is
> left undefined, at least in the DKIM spec.
Yes.
> The point is really to be able to establish accountability. Viewed
> externally, the domain is the responsible party for the message. But
> internal to that domain, the local-part of the i= is useful. This is
> almost a one-for-one analogy with email addresses, where the local-part
> is opaque to all but the recipient domain.
Well, it may be opaque to the mail transport system, but
origination addresses are not taken as opaque by end users.
In this respect, DKIM does seem to want to make them
somewhat less opaque wrt the verification/binding process.
Mike
More information about the ietf-dkim
mailing list