[ietf-dkim] Base issue: multiple linked signatures

[Douglas Otis]

On Dec 26, 2006, at 5:24 PM, Hallam-Baker, Phillip wrote:

> I don't quite see what the objective is here.
>
> There is a lot of information that a sufficiently dedicated client  
> might infer from multiple signatures made by the same signer but I  
> am not sure that there is much value to be gained unless particular  
> multiple signature practices are in widespread use.

The vast majority of email is spam.  It will not take much to cause  
DKIM verification to be switched off once a common practice of using  
multiple signatures offers a means to hide.  There are millions of  
new domains added every day.  The current DKIM spec in section 4  
recommends damaged signatures not be removed.  This means a good  
actor might leave dead signatures in messages.  The current mindset  
then assumes the signing-domain and the email-address being added are  
within the same domain.

The continuing assumption that the email-address domain and the  
signing-domain are one-and-the-same also demands an unmanageable  
exchange of private-keys or the delegation of domains.  While this  
requirement places greater control into the hands of major providers,  
this does absolutely nothing in helping abate abuse, just the  
opposite.  It would also raise costs associated with the use of  
domains not provided by the email-provider.  Added administration and  
costs will mean that DKIM is not a scalable solution for email.  A  
minor change can make a world of difference in this regard.

-Doug