[ietf-dkim] DKIM SSP: Security vulnerability when SSP record
does not exist?
Scott Kitterman
ietf-dkim at kitterman.com
Sat Aug 20 10:08:39 PDT 2005
Douglas Otis wrote:
> Defensive strategies must find a different identifier assured by the
> domain as a unique basis for locating trouble. This is simply being
> pragmatic, but this new identifier will not impact the way email
> operates, as would adding constraints on the mailbox-domains. MASS
> should adhere to an oath that above all, do no harm to remove all
> excuses. : )
You can't stop forgery without stopping forgery. Some things that are
perhaps technically forgery are considered desireable. Other things
that aren't forgery might be affected by forgery prevention protocols.
I'm not on a 5-10 year timetable that says things get better after the
whole world upgrades.
I don't believe it is possible to have any near-term positive effect
without also having some potential for near-term harm. DKIM should
allow for restrictive policies for domain owners that are willing to
live with the side effects of those policies.
I ask you which would be worse for a commonly phished domain, that their
messages would fail verification if sent to a mailing list or that
forgeries of their domain would continue to be delivered to end users?
I expect that many domains would be willing to give up mailing lists for
a way to enable receivers to detect and reject forgery of their domain
during the SMTP session.
I think it's DKIM's job to give them the choice and the information to
make an informed decision.
First do no harm is fine if the patient isn't dying already.
Scott Kitterman
More information about the ietf-dkim
mailing list