[ietf-dkim] Responsibility vs. Validity
dhc at dcrocker.net
Tue Nov 27 11:09:17 PST 2007
Steve Atkins wrote:
>> Mechanisms like OpenPGP and S/MIME essentially validate the
>> authenticity of content. DKIM does not. For example, a DKIM
>> signature does not contain the semantics that claim that the From
>> field is correct, never mind that it does not distinguish between
>> "brands" such as are often implied by the display string in the From
>> field, versus the email address in it.
> DKIM is a mix of the two (as are PGP and S/MIME).
I believe that a basic DKIM signature is not. I believe the semantics of a
signature are stated rather plainly in the -base specification.
Opening line of the -base Introduction:
"DomainKeys Identified Mail (DKIM) defines a mechanism... permitting a
signing domain to claim responsibility for the introduction of a message into
the mail stream."
(One might quibble about the "introduction" reference, since signing can be
done by any handler along the way, but that's a subtlety not at issue for this
> It's set up to not only say "this message came from THIS recipient", but
> also "THIS message came from this recipient".
Depends on what one means by "from" since a DKIM signature is not required to
relate to the rfc2822.From string.
Also, I do not at all understand the second half of your sentence. Came from
>> Rather, DKIM's task is to allow an organization to say that it has
>> some responsibility for the message; that is, come to them if there is
>> a problem.
> That, to me, is its *intended* use, sure, but there's no denying that a
> validly signed DKIM message asserts that the content has not been
> tampered with since it was signed (within some fairly well-defined
Yes, it carries semantics about in-transit modification. But it says nothing
about correctness prior to signing.
> PGP, S/MIME and DKIM all make the same basic statement: "*this* sender
> sent you *this* message and it's not been tampered with since they
> signed it". Intended usage may be different, but the basic function is
> the same.
Mumble. My impression is that the semantics of these other signatures is
taken to be considerably stronger.
>> In looking at the range of features that have been added to SSP, I
>> keep thinking that this distinction is not clear. It seems to me that
>> there is a tendency to want to build "the content is valid" mechanisms
>> into SSP.
> That's an entirely different question to the one you started with. PGP
> and S/MIME make no assertions about unsigned messages, and nor does DKIM.
> SSP is primarily about making negative assertions about mail with a
> particular From address that is not DKIM signed.
That is only one of SSP's features.
> Given it makes negative
> assertions I don't see how it can really be used as part of a "the
> content is valid" mechanism other than by discriminating between "I
> assert the content is invalid" and "I make no assertion about the content".
Discussions about SSP seem to conflate From field domain name correlations
with "brand" representation authenticity in the message. That type of issue
is what prompted my sending my note.
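
The distinction discussed in this message, between the domain that signs and what the From field shows, as an added example that is not part of the original thread: it reads the d= and h= tags of a DKIM-Signature header and compares them with the From address and display string. The message, the domains and the helper names parse_tags and describe are constructed for illustration, and no cryptographic verification is performed.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the signing domain (d=) differs from the From address
# domain, and the display string names a "brand" that neither domain proves.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=esp.example;
 s=sel1; h=from:to:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER
From: "Example Bank" <news@bank.example>
To: user@recipient.example
Subject: Statement
Date: Tue, 27 Nov 2007 11:09:17 -0800

Body text.
"""

def parse_tags(value):
    """Split a DKIM-Signature header value into tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            # Folding whitespace inside tags is not significant here.
            tags["".join(name.split())] = "".join(val.split())
    return tags

def describe(raw):
    """Report what the signature identifies versus what From displays."""
    msg = message_from_string(raw)
    tags = parse_tags(msg["DKIM-Signature"])
    display, addr = parseaddr(msg["From"])
    from_domain = addr.rpartition("@")[2].lower()
    signer = tags["d"].lower()
    signed_fields = tags.get("h", "").lower().split(":")
    return {
        "signing_domain": signer,        # who claims responsibility
        "from_domain": from_domain,      # what the author address says
        "display_name": display,         # what most users actually see
        # From is covered against in-transit change, not vouched as correct.
        "from_header_signed": "from" in signed_fields,
        "d_matches_from": from_domain == signer
                          or from_domain.endswith("." + signer),
    }

if __name__ == "__main__":
    for key, value in describe(SAMPLE).items():
        print(f"{key}: {value}")
```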