On 02/Sep/10 20:43, Murray S. Kucherawy wrote:
From: Alessandro Vesely [mailto:vesely(_at_)tana(_dot_)it]
If this message were replayed to all mailboxes in the world, the
number of complaints might be overwhelming; the more successful spam
reporting, the more scaring this possibility. And if anyone uses that
for tracking domain reputation, it might drop below small integer
ranges. In such scenario, one may consider it safer to only sign mail
destined to trusted recipients.
Isn't reputation specifically out of scope though?
No, that's true for the /development/ of reputation systems.
I don't see that this is an issue this WG can address, unless we want to
tackle the issue of doing something DKIM-like at the connection level.
In part, the issue is being addressed in draft-ietf-dkim-mailinglists
already. I'm questioning whether we can get away with saying that a
MLM "is /likely/ to invalidate any or all of" a message's signatures.
Reputation considerations suggest that author domains may want MLMs
to behave consistently in this respect.
Crypto stuff at connection time is a different ongoing task, which may
be useful in countering replay attacks in general. Joint signatures
and From-%-rewriting are two easier and more specific techniques for
describing how responsibility is transferred when a message transforms
into another. I mentioned them in this thread because I deem they are
worth being considered, each in its niche of suitable use cases.
NOTE WELL: This list operates according to