dkim-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[dkim-dev] Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//Claim Responsibilityfor email address use?

2006-04-06 12:39:11
from [Douglas Otis] [Permanent Link]
Sorry, this was posted to the wrong list (twice.) I guess I should try getting more sleep. 

-Doug
On Apr 6, 2006, at 12:14 PM, <Bill(_dot_)Oxley(_at_)cox(_dot_)com> <Bill(_dot_)Oxley(_at_)cox(_dot_)com> wrote: 


I like that change

Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com


-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Douglas Otis
Sent: Thursday, April 06, 2006 3:03 PM
To: dkim-dev
Subject: [ietf-dkim] draft-ietf-dkim-threats-02 nit//Claim
Responsibilityfor email address use?

,----
|1.  Introduction
|
| DomainKeys Identified Mail (DKIM) [I-D.ietf-dkim-base] defines a
| mechanism by which email messages can be cryptographically signed,
| permitting a signing domain to claim responsibility for the use of a
| given email address.
'----

The signature establishes that the signing-domain has handled the
message.  DKIM does not require an email-address be associated with a
signing-domain.  Even when a signing-domain can be seen as associated
with an email-address in the message, there is no safe assurance the
signing-domain is authoritative or controls use of the email-
address.  This statement is confusing the DKIM base with questionable
concepts found in SSP.

This statement in isolation implies the goal of DKIM is to establish
constrains on the use of one's email-address.  A provider may elect
to sign all messages irrespective of the email-address utilized by
their customers, for example.

Suggested correction:

: DomainKeys Identified Mail (DKIM) [I-D.ietf-dkim-base] defines a
: mechanism by which email messages can be cryptographically signed,
: permitting a signing domain to be identified as handling the signed
: portion of the message.


-Doug

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html


_______________________________________________
dkim-dev mailing list
dkim-dev(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-dev
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [dkim-dev] Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//Claim Responsibilityfor email address use?, Douglas Otis <=
Previous by Date:  [ietf-dkim] draft-ietf-dkim-threats-02 nit//Claim Responsibility for email address use?, Douglas Otis
Next by Date:  [dkim-dev] Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//Claim Responsibility for email address use?, Dave Crocker
Previous by Thread:  [ietf-dkim] draft-ietf-dkim-threats-02 nit//Claim Responsibility for email address use?, Douglas Otis
Next by Thread:  [dkim-dev] draft-ietf-dkim-base-01 implemented, Murray S. Kucherawy
Indexes:  [Date] [Thread] [Top] [All Lists]