[ietf-dkim] DKIM SSP: Security vulnerability when SSP record
does not exist?
ietf-dkim at kitterman.com
Mon Aug 22 15:23:11 PDT 2005
Douglas Otis wrote:
> On Aug 22, 2005, at 11:02 AM, Scott Kitterman wrote:
>> So to narrow my previous attempt at a summary, you think that
>> domain-wide assertions cannot be accurately made for mail addresses,
>> but that it can for HELO/EHLO?
> Accuracy is not the issue. While a domain-wide assertion may
> accurately issue requirements, the value of the assertion should be
> assessed against intended goals. Part of that assessment should
> include whether a goal is reasonably achieved, and weighed against
> administrative complexity and a potential for inordinate use of DNS.
> An assertion that HELO must verify with a CSA record where the same CSA
> record makes the assertion, achieves the goal of assured verification
> with low administrative complexity and low use of DNS.
It would seem to me then that effictiveness and usefulness of domain
wide sender policy assertions is a matter for proper design. I think
that saying that something must be well designed is not a reason to put
it out of scope for the working group's initial efforts.
> Binding a mailbox-address or mailbox-domain to a domain signature is
> not a goal, it is a mechanism. What is the intended goal? What is the
> selection process? What level of administrative effort will this
> entail? What level of DNS interaction is required?
Good design questions for the group to work on once it's chartered.
> Such a domain-wide assertion could inhibit a zombie system from
> purporting to offer valid signatures when signing for other domains.
> It could also inhibit a zombie system from sending without a
> signature. What has been excluded? A goal of preventing unauthorized
> sending of email is accomplished with low administrative complexity and
> low use of DNS.
Yes. An excellent reason to include such work in the charter.
> In the same manner many use self-signed keys when accessing servers
> using SSH, the same type of local manual binding is possible once there
> is a domain signature. Should specific communications be important to
> the recipient where they wish to be alerted to _possible_ spoofing of
> these individuals or roles, perhaps the MUA could offer a button to
> remember the mailbox-address/signing domain/ opaque-identifier
> bindings. Any other message using that same mailbox-address that does
> not include this binding would cause a warning. While this approach is
> not iron-clad, it could help eliminate many of the common exploits.
> Often the recipient knows by other means whether this is a valid
> message to permit such initial assessments.
So you think that such a relationship can be established, at least in
part, but that it's not suitable to put it in DNS?
> I have yet to hear your explanation how abuse can be determined in
I will say again that I don't think that's the point. The point is to
detect forgery. Whilst strictly speaking operating outside the domain
owner's stated sender policy isn't necessary exactly congruent with
forgery, I'll take that as close enough.
>> And that it will be up to users to determine the relationship
>> between the signing domain and the e-mail addresses and evaluate the
>> legitimacy of the message?
> When DKIM becomes widely deployed (which assumes stumbling blocks were
> not created), then simple features such as single click recording of
> typical mailbox-address/signing-domain/opaque-identifier bindings would
> make establishing a strong relationship a rather painless task. It
> would also instill confidence without making email more complex to use
> or entail a major portion of the Earth's available ram to support DNS.
It sounds to me like that's a long way of saying yes to my question. Is
More information about the ietf-dkim