[ietf-dkim] draft-ietf-dkim-base-02 // Parent signing
Bill.Oxley at cox.com
Thu Jun 1 12:39:47 PDT 2006
Thanks for the clarification, so an assertion for subdomains that can
"opt out" of parent signing systems so that firstname.lastname@example.org is
authenticated with sig and email@example.com is not?
Cox Communications, Inc.
bill.oxley at cox.com
From: Douglas Otis [mailto:dotis at mail-abuse.org]
Sent: Thursday, June 01, 2006 3:28 PM
To: Oxley, Bill (CCI-Atlanta)
Cc: william at elan.net; ietf-dkim at mipassoc.org
Subject: Re: [ietf-dkim] draft-ietf-dkim-base-02 // Parent signing
On Jun 1, 2006, at 11:57 AM, <Bill.Oxley at cox.com> wrote:
> Just so that I can understand clearly, TLD offers signing ability
> to those who don't want to develop or buy their own.
> So bar.com offers to sign for me at foo.ca
Imagine a TLD wants to promote use of certificates for exchanging
emails. These outbound services could only be used for email-
addresses within their domain for the email-address to be marked as
verified (included within the i= parameter). A TLD of .foo could
sign a message that validates any email-address within the foo
domain. This could be webmaster at example.foo that uses a signature
with i=webmaster at example.foo d=foo.
> However by bringing certificated messages from me at foo.ca you are
> assigning a reputation to that signature that DKIM presents.
Assume DKIM becomes the more widely adopted convention used for
verifying signed messages. The certificate would be used only to
gain access to the TLD's outbound servers. Reputation would likely
be based upon the foo signing domain, as you seem to be suggesting.
It is unlikely a reputation service will create reputations for
individual email-addresses. The basis for identifying a culpable
entity seems too weak to risk possible litigation. Reputation
services may report specific messages to the signing domain for
confirmation and resolution. (The Opaque-Identifier revocation
option was intended to provide a scalable and timely method for
curtailing abuse of this type.)
Contrary to the base draft claim of relying upon the email-address,
receivers are more likely to focus upon the signing domain with
respect to message acceptance. Aggregating more email-addresses
behind a common signing domain introduces the issue of greater
collateral blocking. Although parent signing will simplify the
handling of email-addresses received with wildcard MX records, this
convenience for the transmitter increases the burden on the
receiver. This added burden for the receiver is highly
counterproductive when abating abuse.
> That is not a valid assumption as plenty of bar.com's for a fee
> would be happy to sign for any spammer that shows up with cash.
> This is inevitable.
Agreed. It makes the TLD and CA money, while also introducing
conflicts with respect to who is really authoritative. Many criminal
spammers already hide by utilizing shared resources. Allowing the
parent to be authoritative will also increase the number of these
shared hiding places. : (
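
The i=/d= relationship discussed in this thread, as an added Python example that is not part of the original messages: it checks that the i= address falls under the signing domain d= and groups accepted identities by d=, showing how a parent signer such as d=foo collects unrelated subdomains under one reputation key. The function names and the sample tag lists are constructed for illustration.

```python
# Added example. Tag lists are constructed and carry only the tags needed here.

def parse_tags(header_value):
    """Parse a DKIM-Signature tag=value list into a dict."""
    tags = {}
    for part in header_value.split(";"):
        if "=" not in part:
            continue
        name, value = part.split("=", 1)
        # Folding whitespace inside d= and i= values is not significant.
        tags[name.strip()] = "".join(value.split())
    return tags

def signing_identity(tags):
    """Return i=, which defaults to '@' + d= when the tag is absent."""
    return tags.get("i", "@" + tags["d"])

def identity_covered(tags):
    """True if the i= domain equals d= or is a subdomain of d=."""
    d = tags["d"].lower().rstrip(".")
    i_domain = signing_identity(tags).rsplit("@", 1)[-1].lower().rstrip(".")
    # Match on a label boundary so 'notfoo' is not treated as under 'foo'.
    return i_domain == d or i_domain.endswith("." + d)

def group_by_signer(headers):
    """Group covered identities by signing domain (the likely reputation key)."""
    groups = {}
    for header in headers:
        tags = parse_tags(header)
        if not identity_covered(tags):
            continue  # i= outside d=: the signature cannot vouch for it
        key = tags["d"].lower().rstrip(".")
        groups.setdefault(key, []).append(signing_identity(tags))
    return groups

SAMPLES = [  # constructed
    "a=rsa-sha256; d=foo; s=sel; i=webmaster@example.foo",   # parent signs
    "a=rsa-sha256; d=foo; s=sel; i=sales@other.foo",         # parent signs
    "a=rsa-sha256; d=example.foo; s=sel; i=webmaster@example.foo",
    "a=rsa-sha256; d=foo; s=sel; i=me@notfoo",               # not under d=
    "a=rsa-sha256; d=foo; s=sel; i=me@foo.ca",               # not under d=
]

if __name__ == "__main__":
    for domain, identities in group_by_signer(SAMPLES).items():
        print(domain, identities)
```

With the parent as signer, example.foo and other.foo share the single key foo, so a block on d=foo affects both; the self-signed example.foo message stays separate.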