[ietf-dkim] Re: dkim service
william at elan.net
Mon Oct 17 16:56:09 PDT 2005
On Mon, 17 Oct 2005, Jim Fenton wrote:
>> Is that the same as saying that for purposes of forgery protection (rather
>> then establishing "some" identity for reputation/accreditation by means of
>> the signature) DKIM focuses only on the "From" header field?
>> [Yes I understand its not 100% only from in case of multiple addresses]
> Yes, although I'm reluctant to use the term "forgery" because it means
> different things to different people. We are not providing a signature
> from the author him/herself, so it could be argued that we aren't
> providing forgery protection at all.
Ok, lets call it protection of identity spoofing by unauthorized parties
then (I'm pretty sure even when I said forgery people on this technical
list knew exactly what I mean).
[text from reply reordered]
> The people we're trying to help are the ones who won't can't do that
> additional setting to make Sender visible. And I'm not satisfied with
> helping 50% of the clients.
Lets suppose for a moment that email client change and we have another
visible header field that close to 100% can see and that also needs
to be protected or lets say we have another header field that some,
including signer (but not all) want to be protected.
Since you've made DKIM signature and SSP specific to particular identity,
that would prevent from being able to use the signature to provide
anti-spoofing protection for that new field and require working out
Also let me remember of of SPF which in 2004 had scope mechanism (format
otherwise looked very much like what we see now), but then it was dropped
because only one particular identity was thought to have majority support
(based on that particular mail list constituency) to be protected but
after the deployment we see real need of scoping and know it was a mistake
because the same SPF syntax is quite usable for protecting other identities.
So, unless you have real big problem with being just slightly more verbose,
please specify by additional tag that for anti-spoofing, you're focusing
on "from". If there is support to introduce anti-spoofing protect for
another field, it would then be easy and not cause any potential conflicts
with existing installed base.
>> In that case I'd expect that you should try to make sure the signature
>> from original sender (ok - from person listed in From) survives cases
>> of mail lists and instead I hear some people on this list saying that
>> we should not even try.
> This is a difficult question, because anything we do to accommodate mailing
> lists introduces new vulnerabilities. Anything that accommodates the
> addition of ads by mailing lists (since some are advertising-supported) also
> accommodates the addition of undesirable content to messages, unless you
> know exactly who the "good" mailing lists are.
While in process of making a reply I've decided that it would be best to
move it into separate message and subject. See my next message.
william at elan.net
More information about the ietf-dkim