[ietf-dkim] draft-fenton-dkim-threats-00

Dave Crocker dhc at dcrocker.net
Fri Oct 7 09:47:10 PDT 2005


Douglas Otis wrote:
>> The only thing DKIM "prevents" is detecting invalid uses of a domain 
>> name for a signature.
> DKIM, as described, does not prevent or detect invalid uses.  
Oh.  You mean that your sending a message using my domain, without my 
permission, won't be possible to detect? 

> Not in the case of a replay, for example.  The domain may consider 
> abusive replay to be an invalid use when such use impacts future 
> abilities.
The term "replay" has at least two different uses.  One refers to a 
third party, using some of an otherwise valid message, while adding 
their own content. DKIM will permit detecting this.

> Since DKIM does not "do" reputation, talking about the limitations of 
> using DKIM for reputation strikes me entirely out of scope.
>
> The concern was _not_ about whether DKIM "does" reputation, but 
> whether DKIM "supports the use of" reputation.  
Doug, you are adding to DKIM's scope and then criticizing it for not 
satisfying the extension.

Before you start trying to specify solutions and before you claim that 
DKIM has anything that might be called a "weakness" you need to recruit 
support for this expansion in DKIM's goals.  So far, I have not seen 
that support emerging.

> This concern is distinctly different and does not deal with any 
> details related to a specific implementation of reputation.  
You have been suggesting specific changes to the DKIM specification.

> Strange how only repudiation is supported, but then only reputation is 
> mentioned in the threat analysis.
Strange?  DKIM is a complete technical specification that performs 
specific functions.  The threat analysis describes what problems that 
specification attempts to deal with.  What would be strange -- and 
entirely inappropriate -- is to have the threat analysis cover threats 
to which DKIM does not respond.

> You have again suggested DKIM only supports repudiation.  
What language of mine do you believe says this?

> Would it be okay to review an elevator pitch for repudiation? 
The threat analysis deals with the existing DKIM -- unless there is 
rough consensus to expand DKIM's scope. I haven't seen that consensus 
emerging.  Discussing repudiation is an attempt to expand DKIM's scope.  
Repudiation prevention is a nice goal.  There are lots of nice goals.  
Would it be reasonable to have an open-ended pursuit of all the nice 
goals that DKIM *might* be modified to assist in achieving?

I don't think so, unless the goal here is to have endless abstract 
discussion, rather than to expedite standardization of DKIM.

d/
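An added illustration of the replay point made in the message above (it is not part of Crocker's or Otis's messages and is not DKIM reference code). It models the two checks a DKIM verifier performs, the body hash (bh=) and the signature over the selected headers plus the DKIM-Signature header itself (b=), so that a verbatim replay of a signed message still verifies, while a replay in which a third party appends its own content to the body or alters a signed header does not. Everything about keys is an assumption made so the example runs offline: HMAC-SHA256 with a constructed shared secret stands in for the RSA key pair and DNS key lookup, only "simple" canonicalization is modelled, and the sample message is constructed.

```python
"""Simplified model of DKIM body-hash and header-signature verification.

Added example only: it mirrors the structure of a DKIM signature (bh= over
the canonicalized body, b= over the listed headers plus the DKIM-Signature
header with b= emptied) but uses HMAC-SHA256 with a shared secret instead
of the RSA key pair and DNS lookup, and only 'simple' canonicalization.
"""
import base64
import hashlib
import hmac
import re

# Assumed stand-in for the signing domain's key pair (real DKIM uses RSA
# and publishes the public key in DNS); constructed so the example is offline.
SIGNING_KEY = b"example-com-selector-s1-secret"
SIGNED_HEADERS = ["From", "To", "Subject", "Date"]

# Constructed sample message (headers and body are invented for this example).
SAMPLE_MESSAGE = (
    "From: alice@example.com\n"
    "To: bob@example.net\n"
    "Subject: Hello\n"
    "Date: Fri, 7 Oct 2005 09:47:10 -0700\n"
    "\n"
    "Hi Bob,\n"
    "see attached.\n"
)


def _parse(message: str):
    """Split a raw message into a list of (name, value) headers and the body."""
    head, _, body = message.replace("\r\n", "\n").partition("\n\n")
    headers = []
    for line in head.split("\n"):
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return headers, body


def _body_hash(body: str) -> str:
    """'simple' body canonicalization: CRLF endings, exactly one trailing CRLF."""
    canon = body.replace("\n", "\r\n").rstrip("\r\n") + "\r\n"
    return base64.b64encode(hashlib.sha256(canon.encode()).digest()).decode()


def _header_value(headers, name: str) -> str:
    for n, v in headers:
        if n.lower() == name.lower():
            return v
    return ""


def _signature_input(headers, sig_fields: str) -> bytes:
    """Bytes covered by b=: the signed headers, then DKIM-Signature with b= emptied."""
    lines = [f"{h}:{_header_value(headers, h)}\r\n" for h in SIGNED_HEADERS]
    lines.append("DKIM-Signature:" + re.sub(r"(?<=; )b=[^;]*", "b=", sig_fields))
    return "".join(lines).encode()


def sign(message: str, domain: str = "example.com", selector: str = "s1") -> str:
    """Return the message with a DKIM-Signature header prepended."""
    headers, body = _parse(message)
    fields = (f"v=1; a=hmac-sha256; d={domain}; s={selector}; c=simple/simple; "
              f"h={':'.join(SIGNED_HEADERS)}; bh={_body_hash(body)}; b=")
    tag = hmac.new(SIGNING_KEY, _signature_input(headers, fields), hashlib.sha256).digest()
    fields += base64.b64encode(tag).decode()
    return f"DKIM-Signature: {fields}\n" + message


def verify(message: str) -> str:
    """Return 'pass', 'fail (body hash)', 'fail (signature)' or 'none'."""
    headers, body = _parse(message)
    fields = _header_value(headers, "DKIM-Signature")
    if not fields:
        return "none"
    tags = dict(t.strip().split("=", 1) for t in fields.split(";") if "=" in t)
    if tags.get("bh") != _body_hash(body):
        return "fail (body hash)"  # body altered after signing
    expected = hmac.new(SIGNING_KEY, _signature_input(headers, fields), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, base64.b64decode(tags.get("b", ""))):
        return "fail (signature)"  # a signed header (or the signature) altered
    return "pass"


if __name__ == "__main__":
    signed = sign(SAMPLE_MESSAGE)
    print("original:        ", verify(signed))
    print("verbatim replay: ", verify(signed))  # same bytes resent: still passes
    print("body appended:   ", verify(signed + "Buy now at http://spam.invalid/\n"))
    print("subject changed: ", verify(signed.replace("Subject: Hello", "Subject: Hello!!!")))
```

The third and fourth cases are the "replay plus added content" that the message says DKIM can detect: the appended text changes the body hash, and the edited Subject changes the signed header input. The second case is the other sense of replay, a verbatim resend, which the signature by itself cannot distinguish from the original delivery.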