[ietf-dkim] Not exactly not a threat analysis
mike at mtcc.com
Wed Aug 17 12:28:10 PDT 2005
Keith Moore wrote:
>>> c. Message was authored by A but signed by someone else. Show the
>>> field but also show a highlighted alert that says "This message claims
>>> to be written by A but was signed by B".
>> You just lost My Mother, I think. Well, at least you lost
>> me because I have no idea how I ought to behave in its
> it's worth exploring, I think.
> a) What would you do if you got a snail mail that purported to be
> from George Bush but for which the signature at the bottom read Rush
Wonder whether anybody's seen Karl Rove and Rush Limbaugh in the
same room at the same time?
> b) What would you do if you got a snail mail that purported to be
> from president at whitehouse.gov but for which the signature at the
> bottom read george.bush at whitehouse.gov?
Demand a recount?
> i.e. is it ever reasonable for the From address to be a "role"
> address and the actual signature be by an individual? and if it is,
> is the signature meaningful? would it be meaningful if you had an
> established relationship with that person and knew that was his email
> address? what if you didn't?
> would it make more sense to say that the "role" address should sign
> the message? what about when different people are authorized to fill
> a role? wouldn't you want to know specifically who signed it?
> would it make sense to forbid "role" addresses in From fields? OTOH,
> they're useful.
I dunno, here I guess I'm willing to believe that carbon based units can
sort this sort of thing out. Going too far into local part semantics seems
if nothing else to pull us way away from the goal of having something
easily deployable. The DKIM signature is, IMO, intentionlly fuzzy about
how much you should trust the local part because it's wound up in how
much you trust the domain doing the signing in the first place,. That trust
is the subject of another piece of work which I believe can build on
DKIM's more modest goal.
More information about the ietf-dkim