[ietf-dkim] DKIM Threat Analysis v0.06

Arvel Hathcock arvel at altn.com
Thu Aug 18 04:42:58 PDT 2005 

Here's what I think.

> 1.  Who are the bad actors that DKIM is trying to thwart?  Put another
> way, if DKIM is deployed, what bad actors will have to find a different
> way to perform their bad acts.

The bad actors are anyone who would use a domain name in an identity header 
of an email message without authorization from the domain owner.  The same 
will have to discover a new means of doing so.

> Also, what resources do these bad actors have at their disposal?

I assume "resources" refers to the set of conditions the bad actor finds 
which enables him to achieve his goal.  These are primarily (a) the 
wide-open unauthenticated nature of SMTP which lets anybody claim they are 
anybody else (b) the wide-open unauthenticated nature of RFC-2822 which has 
no inherent mechanism for restricting the use of identity headers to the 
domain owner (c) the relative lack of use (for whatever reason) of stronger 
security measures such as S/MIME and PGP and (d) the ubiquitous habit of and 
conditioning imposed through the display of the RFC-2822.From identity 
header to email consumers in preference to any other identity.

> 2.  Where are these bad actors in the protocol environment?  Where in
> the email system do they pop up to perform the acts that DKIM is trying
> to prevent.  Again, different bad actors may appear at different places.
>
> 3.  What are the bad acts that DKIM is trying to thwart?  The first two
> questions are really background for this question.

These are so related it's hard for me to separate.  Unauthorized domain use 
is a means to several ends.  The 'end' will determine where, in the email 
delivery chain, the bad actor "pops up".  When the goal is to trash the 
reputation of a domain owner in the eyes of an email user or ply some scam 
part of which requires the unauthorized use of a domain to lend it 
credibility, the "pop up" is the MUA of an email user and the effect takes 
place in the mind of that user.  When the goal is to thwart filtering agents 
or attempt to manipulate a receiving domain's incoming email policy in some 
way the "pop up" is at the point wherein those processes are invoked and the 
effect is in reducing or rendering useless the effectiveness of those 
processes.

-- 
Arvel

More information about the ietf-dkim mailing list