[ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)
Michael Thomas
mike at mtcc.com
Fri Aug 12 06:50:17 PDT 2005
Andrew Newton wrote:
>
> On Aug 11, 2005, at 6:54 PM, Ned Freed wrote:
>
>> As I just stated on the IETF list, absent a clear statement of what
>> this threat
>> analysis is actually supposed to analyze, I for one have little
>> interest in
>> "trying". I view my time as better spent trying to get the relevant
>> ADs and IAB
>> members to produce a coherent statement of what it is they want.
>> Spending time
>> on something that stands a good chance of not being what was asked
>> for is not,
>> IMO, useful.
>
>
> Ned,
>
> It would be ideal to have an RFC with the title "How to write a Threats
> Analysis", but no such thing has been written. We do have three simple
> questions from the relevant AD, and I don't believe Russ has given them
> to us as busy-work... he's simply not that type of person.
I don't believe that either Ned or I have been characterizing
this as busy work. The problem is that even the guide Russ
gave is ambgiuous. If I remember correctly, it was what Jim
and Eric were working from when at IETF, and they missed the
mark. As I mentioned to Steve Kent, I _suspect_ I have an
idea of what they want, but neither the bounds nor depth
have been set -- does PHB's email-fax phishing scam along
with the huge number of other variations on the theme need
to be mentioned? What is the approximate weight? 1 page?
10 pages? 1000 pages? The DoD, I'm sure, pays good money
for their analyses and they probably expect them to be
comprehensive.
Ned brought up the PANA threat/requirements draft
(which I had forgot that I was one of the reviewers).
Is that the right model? If so, I have already written a
draft that looks very similar for MASS/DKIM which I was
going to circulate for our requirements deliverable. If
it's not... well, we need help on what it is.
> And after hearing people at the BoF speak of DKIM as bounce protection,
> I can understand the broader IETF community asking us to go through
> this exercise.
Or they can simply pay a little bit more attention.
If I remember correctly, both the original DK and IIM
drafts had motivating text which largely went through
the various threats due to email forgery. I guess that
the inference is that the threats discussed there were
not sufficient since they also elicited calls for a
threat analysis. Which leaves me even more unsure what
is being asked for.
> So I wonder if this threats analysis would benefit from a list of
> things DKIM is not designed to guard against.
Well, we put several in the charter, maybe it's time
add a new one.
Mike
More information about the ietf-dkim
mailing list