[ietf-dkim] Forgery complexities

[Dave Crocker]

Doug,


> Lead-in problem statement:
> ,---
> | Forgery of headers that indicate message origin is a problem for  
> users of
> | Internet mail.
> '---

DKIM is an authentication technique.  It authenticate an identity. 
Authentication is not needed, unless one is worried about invalid uses of 
identities.  I think that it is reasonable to call that "forgery".

So the opening statement is factually correct.  And it is describes a concern 
that is the foundation for pursuing DKIM.



> The goal of DKIM.
> ,---
> | The DKIM working group will produce standards-track specifications  that
> | permit authentication of message headers during transit, using  
> public-key
> | signatures and based on domain name identifiers.
> '---
> While one could describe signature verification as authenticating the  
> signature header, this is not addressing the problem statement.


Ensuring that the received headers are the headers that were sent does not 
address the problem of forgery?

The fact that DKIM provides a digital signature based on a hash of the message 
headers means that, in fact, it is ensuring that any modification to the 
headers, after the message is sent, will be detected.  Hence, they are 
authenticated... With respect to the identity doing the signing.


> The  
> headers which could possibly relate to forgery are _not_ being  
> authenticated.  I find these two statements misleading and not  
> representative of the DKIM mechanism as currently devised.

I think you are confusing the benefit of closing SOME holes with the desire/need 
to close ALL holes.  The fact that some forms of forgery are dealt with by DKIM 
does not mean it attempts to deal with all forms.


> General goals:
...

> - Establish accountable domain-specific opaque identifier.

what does domain-specific "opaque" identifier mean?  Opaque to who? Compared to 
what?


-- 
 
   d/

  Dave Crocker
  Brandenburg InternetWorking
  +1.408.246.8253
  dcrocker  a t ...
  WE'VE MOVED to:  www.bbiw.net