[ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt]
Eliot Lear
lear at cisco.com
Sat Jan 7 02:15:17 PST 2006
Andrew Newton wrote:
>
> On Jan 6, 2006, at 9:28 AM, Eliot Lear wrote:
>
>> Andrew Newton wrote:
>>>>> DKIM's ability to identify a domain owner is [also] bounded by
>>>>> whatever checks a registration authority imposes.
>>>
>>> could be read to mean some domain registration rules can be counted
>>> upon for this purpose. Practically speaking, I don't think this is
>>> true at all.
>>
>> Would s/bounded/limited/ fix the problem?
>
> I am thinking "no." DKIM's ability to identify a domain owner is not
> limited by registration authority rules because there may be or will
> be reputation services separate from the registration authority.
Precisely. We need to separate what DKIM does from what reputation
services do.
> Besides, I don't think DKIM is ever identifying the owner of a domain
> name since that information is not in DNS. If the Acme Widget company
> has the domains acmewidgets.com, acme-widgets.com, and
> acme-widgets-inc.com, there is nothing in DNS that tells me all three
> are owned by Acme Widgets (well, nothing you can rely upon).
You're right. The information is contained within the registries.
Whether a recipient can access that information ALSO depends on the
registry policies.
Eliot
More information about the ietf-dkim
mailing list