[ietf-dkim] Collection of use cases for SSP requirements

Charles Lindsey chl at clerew.man.ac.uk
Fri Nov 17 13:06:09 PST 2006


On Fri, 17 Nov 2006 12:27:43 -0000, Wietse Venema <wietse at porcupine.org>  
wrote:

> Hallam-Baker, Phillip:
>> FOR DKIM BASE:
>> We have three possible outcomes: Definitely Genuine, Definitely
>> Fake and Undetermined
>>
>> [We can if people think there is value further break down
>> Undetermined according to probability but bear with me]
>
> My understanding is that DKIM-base can produce only two results:
> signature verification succeeds or signature verification fails.
> I may be mistaken, but it seems to me that expanding these two
> results into >2 involves information outside DKIM-base.

No, there is a lot more than that.

There is 'signature absent'
          'signature present but invalid'
For failed signatures there is
          'the failure was in the header/the body/both'
For good signatures there is
          'the headers that were signed were the ones expected to be signed'
          'the length of the body was longer than the l-tag said'

Which of these are relevant to automatic decision making, and which only  
for forensics, is a question for implementors of verifiers. Experience  
may show that all sorts of unexpected scams can be caught by looking for  
obscure cases.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131       Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
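
Added example, not part of the original post or of any DKIM implementation: a sketch of how a verifier could report the states listed above that are decidable without fetching the public key (signature absent, failure in the body, body longer than the l-tag, expected headers not signed). It assumes `a=rsa-sha256` with "simple" body canonicalization; `EXPECTED_SIGNED`, `classify` and `make_sample` are hypothetical names, and the sample message is constructed.

```python
import base64
import hashlib
import re

EXPECTED_SIGNED = {"from", "subject", "date"}  # assumption: local policy, not from the post

def simple_body(body: bytes) -> bytes:
    """RFC 6376 'simple' body canonicalization: no trailing empty lines, one final CRLF."""
    while body.endswith(b"\r\n"):
        body = body[:-2]
    return body + b"\r\n"

def parse_tags(value: str) -> dict:
    """Split a DKIM-Signature value into its tag=value pairs, dropping folding whitespace."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def classify(raw: bytes) -> list:
    """Return the verification states that can be decided without fetching the public key."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = re.sub(rb"\r\n[ \t]+", b" ", head).decode("ascii", "replace").split("\r\n")
    sig = next((ln.split(":", 1)[1] for ln in lines
                if ln.lower().startswith("dkim-signature:")), None)
    if sig is None:
        return ["signature absent"]
    tags, findings, canon = parse_tags(sig), [], simple_body(body)
    if tags.get("l", "").isdigit():
        limit = int(tags["l"])
        if len(canon) > limit:
            findings.append(f"body is {len(canon) - limit} bytes longer than l={limit}")
        canon = canon[:limit]  # only the first l bytes are covered by bh=
    if base64.b64encode(hashlib.sha256(canon).digest()).decode() != tags.get("bh"):
        findings.append("body hash mismatch: failure is in the body")
    missing = EXPECTED_SIGNED - set(tags.get("h", "").lower().split(":"))
    if missing:
        findings.append("expected headers not signed: " + ",".join(sorted(missing)))
    return findings or ["body and h= consistent; header signature (b=) still needs the key"]

def make_sample(signed: bytes, extra: bytes = b"", h: str = "from:subject:date",
                use_l: bool = False) -> bytes:
    """Constructed message for the demo; b= is a placeholder because no key is involved."""
    bh = base64.b64encode(hashlib.sha256(signed).digest()).decode()
    ltag = f" l={len(signed)};" if use_l else ""
    sig = (f"DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=example.com;\r\n"
           f" s=sel; h={h};{ltag} bh={bh}; b=PLACEHOLDER")
    head = f"From: a@example.com\r\nSubject: hi\r\nDate: Fri, 17 Nov 2006 12:00:00 +0000\r\n{sig}"
    return head.encode() + b"\r\n\r\n" + signed + extra

if __name__ == "__main__":
    print(classify(make_sample(b"Hello\r\n", extra=b"Click here\r\n", use_l=True)))
```

The header signature itself (the `b=` tag) is not checked here; a full verifier would add that result to the same list of findings.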

