[ietf-dkim] DKIM Threat Analysis v0.06
arvel at altn.com
Thu Aug 18 04:42:58 PDT 2005
Here's what I think.
> 1. Who are the bad actors that DKIM is trying to thwart? Put another
> way, if DKIM is deployed, what bad actors will have to find a different
> way to perform their bad acts.
The bad actors are anyone who would use a domain name in an identity header
of an email message without authorization from the domain owner. The same
will have to discover a new means of doing so.
> Also, what resources do these bad actors have at their disposal?
I assume "resources" refers to the set of conditions the bad actor finds
which enables him to achieve his goal. These are primarily (a) the
wide-open unauthenticated nature of SMTP which lets anybody claim they are
anybody else (b) the wide-open unauthenticated nature of RFC-2822 which has
no inherent mechanism for restricting the use of identity headers to the
domain owner (c) the relative lack of use (for whatever reason) of stronger
security measures such as S/MIME and PGP and (d) the ubiquitous habit of and
conditioning imposed through the display of the RFC-2822.From identity
header to email consumers in preference to any other identity.
> 2. Where are these bad actors in the protocol environment? Where in
> the email system do they pop up to perform the acts that DKIM is trying
> to prevent. Again, different bad actors may appear at different places.
> 3. What are the bad acts that DKIM is trying to thwart? The first two
> questions are really background for this question.
These are so related it's hard for me to separate. Unauthorized domain use
is a means to several ends. The 'end' will determine where, in the email
delivery chain, the bad actor "pops up". When the goal is to trash the
reputation of a domain owner in the eyes of an email user or ply some scam
part of which requires the unauthorized use of a domain to lend it
credibility, the "pop up" is the MUA of an email user and the effect takes
place in the mind of that user. When the goal is to thwart filtering agents
or attempt to manipulate a receiving domain's incoming email policy in some
way the "pop up" is at the point wherein those processes are invoked and the
effect is in reducing or rendering useless the effectiveness of those
More information about the ietf-dkim