[ietf-dkim] draft-ietf-dkim-ssp-02.txt (issue 1519?)

[Jim Fenton]

Douglas Otis wrote:
>
> On Feb 1, 2008, at 2:58 PM, Jim Fenton wrote:
>
>> Douglas Otis wrote:
>>
>>> The ASP approach creates fewer corner cases.  At least with the ASP 
>>> draft, any risk of misuse remains within the control of a domain to 
>>> rectify.
>>
>> This last statement I don't understand.  Can you give an example of 
>> "misuse within the control of a domain" that is introduced by 
>> matching the local-part?
>
> A domain using RFC 4871 as defined might wish to clarify which entity 
> had been authenticated.  Such authentication information would help 
> prevent intra-domain spoofing.  SSP essentially prevents a single 
> signature from offering identity assurances when a message is being 
> redirected (Resent-From header) or being sent on behalf of (Sender 
> header) the From header.  Is it really reasonable for an MTA to add 
> two signatures, one ambiguous and the other identity specific?  An 
> additional signature is only needed because of the SSP definition for 
> a compliant Author's signature.  There is enough information within a 
> signature added on-behalf-of (i=) of the Resent-From header for 
> compliance to be ascertained without also requiring an additional 
> ambiguous signature (no local-part).

SSP has no relationship with the Resent-From, Sender, and similar header 
fields.  Is the root issue here that you would like it to do so?  If I 
remember correctly, your draft proposes this, but I have seen no 
consensus to deviate from the requirements in this way.

On the other hand, matching the local-part of i= (when it is present) 
prevents a signature that may be associated with a Sender or Resent-From 
address that happens to be in the same domain as the From address, from 
being misinterpreted as an Author Signature when it's not.


-Jim