[ietf-dkim] DKIM charter (Should DKIM directly prevent spoofing?)

Douglas Otis dotis at mail-abuse.org
Tue Nov 15 17:58:23 PST 2005


On Nov 15, 2005, at 2:55 PM, Stephen Farrell wrote:
>
> Dave Crocker wrote:
>
>> 5.  At some point, the question becomes one of worrying about
>> the DOS potential of your constantly posting lengthy notes
>> that regurgitate the same points that continue to fail to
>> gain support.

I have a tendency to delve too deeply, and I will attempt to curtail  
this as best I can.


>> But, of course, that is just my own perspective.
>
> (No Dave, I'm fairly sure that others share your perspective:-)
>
> Doug, the charter as-is does have the required support to go
> forward. There's nothing to be achieved by trying for the
> changes you'd like at this stage. My bet is that those changes
> just won't happen given where the consensus lies.

You could be right, but let's not skip over a rather important  
discussion.  I have no desire to disrupt progress.

This issue has not been well explored, and indeed remains a topic  
that exists mostly under the surface.  Much of the SSP effort was  
done off the mailing-list.  Even rather startling changes related to  
multiple From email-addresses were added before discussion on the  
mailing-list.  Indeed, these last minute changes were not reviewed at  
the BoF.  Anticipating email-address constraints resulting from  
proposed changes _should_ be explored.  The charter unfortunately  
seems to have reached a conclusion that the email-address will be  
bound to what is essentially the MTA to MTA transport.  : (

When the From email-address is considered to be independent of the  
signing-domain, then best practices would allow a mailing-list to add  
their signature without other changes.  MUAs and Mailing-list  
applications could continue to function as expected.  Rather than  
discovering the IP addresses used by mailing-list servers as  
suggested, their signature could be used instead.  Accountability  
could be retained at the signing-domain.

Should DKIM be expected to directly prevent the misuse of a From  
email-address?  There should be little doubt that email filters will  
independently ascertain domains experiencing spoofing exploits and  
offer the needed constraints which will include much more than just  
the From email-address.  Over time, DKIM aware MDAs/MUAs will make  
this effort unneeded.  However, when these likely inadequate From  
email-address constraints are seen as the norm, then a major and  
expensive transformation in the way email works will occur.

Seeing this as the issue, I wish to disagree with Dave about what is  
being said within the charter.

>> 1.  The charter does not constrain email addresses.

The first two sentences of the charter:
,---
| The Internet mail protocols and infrastructure allow mail sent
| from one domain to purport to be from another.  While there are
| sometimes legitimate reasons for doing this, it has become a
| source of general confusion, as well as a mechanism for fraud
| and for distribution of spam (when done illegitimately, it's
| called "spoofing").
'---

"sent from one domain to purport to be from another" refers to
email-addresses.

This paragraph concludes with:
,---
| ... and to publish "policy" information about how it applies those
| signatures.  Taken together, these will assist receiving domains in
| detecting (or ruling out) certain forms of spoofing as it pertains
| to the signing domain.
'---

Detecting a spoof of course _clearly_ refers to email-address  
acceptance constraints.



>> 2.  DKIM does not create or specify any inherent email address
>> constraints.

Should DKIM be specifying email-address constraints and directly  
detecting spoofed email-addresses?  This is a critical decision with  
far reaching ramifications.  This effort would only change the nature  
of abuse.


>> 3.  An IETF wg charter specifies near-term activities, not long term.

While indeed work would be near-term, goals should be appropriate  
long term.


-Doug

