From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Mark Delany
Sent: Saturday, October 16, 2010 2:39 AM
Subject: Re: [ietf-dkim] Data integrity claims
On Sat, Oct 16, 2010 at 12:10:48AM -0400, Dave CROCKER allegedly
On 10/15/2010 8:32 PM, Mark Delany wrote:
Therefore one could
argue that DKIM is "protecting" that relationship between the
Clever phrasing. Might be too subtle for general use, but I think
perspective that could be useful.
I think the issue here is that when people talk about protecting a
tend to have in mind all sorts of attacks designed to trick users.
actually does not have much to say about such things.
Yes, it ties an identifier to a bag of bits, and yes it specifies
bits are, but it really does deal only with those bits and not
I have a problem with this approach and I don't pretend to know the
My problem is that if some valuable domain like paypal sends me a
bunch of bits that I or my MUA or my MTA ties to paypal.com then the
end goal of DKIM is, IMO, that those bunch of bits I "see" are the
ones that paypal sent. No more, no less.
To murder another idiom: "What you see is what they sent" is I believe
the ultimate goal of DKIM. Or, "what you complain about is what they
So anything that circumvents "what you see is what they sent" I think
is in scope for DKIM to eliminate or mitigate.
Is that requirement solved in the verification protocol of DKIM or is
that solved in advice to MTAs/MUAs? I don't know. But I am sure that
if we don't end up with that guarantee, then I do wonder what we are
Mark is more clearly articulating what I have been struggling with.
This is also one of the reasons I have always felt that 1st party
signatures are inherently a different value proposition from 3rd party
NOTE WELL: This list operates according to