dkim-ops
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [dkim-ops] subdomain vs. cousin domain (when deploying"discardable")

2010-09-10 10:03:34
from [McDowell, Brett] [Permanent Link] 
On Sep 10, 2010, at 10:14 AM, Todd Lyons wrote:


On Fri, Sep 10, 2010 at 6:50 AM, McDowell, Brett
<bmcdowell(_at_)paypal-inc(_dot_)com> wrote:

Ugh!  We simply have to fix the root cause of MLM's breaking DKIM 
signatures.

Disagree.  This would then mean MLM messages become visually similar to
messages from individuals.

I didn't mean to suggest MLM's should stop doing the things they do that 
breaks DKIM signatures.  I'm actually a fan of the A-R header (or perhaps a 
new one) approach -- used in a clear (profiled?) way -- so MLM's can assert 
to receivers that they verified the senders signature before processing and 
re-signing it.


As an end receiver though, I certainly wouldn't trust an A-R header
that someone else put in during transit saying that it verified from
$BIG_COMPANY.  That can too easily be forged.  Now if that A-R header
was part of your DKIM sig or the header had a brief sig field that
could be tied back to your DKIM sig, it would become eligible to be
regarded as trustworthy (but not necessarily guaranteed to be so).


That's what I meant by "the A-R header (or perhaps a new one) approach".  To be 
more clear:

(1) sender sends DKIM-signed mail to typical mail list
(2) typical mail list verifies DKIM signature of sender
(3) typical mail list processes the message (adds it's footer, updates subject 
line, etc.) and updates the A-R header info stating it verified signature of 
sender
(5) typical mail list then DKIM-signs the entire message and delivers it to all 
subscribers
(6) receiver verifies the mail list's DKIM signature, reads the claim in the 
A-R header, makes a trust decision, and then processes the message as it would 
if it had come directly form the sender (i.e., if it was ADSP=discardable it 
would actually deliver the message because of the "chain of trust" from the 
sender to the MLM to the receiver)

note: it's more complicated than this as more intermediaries may exist between 
sender and MLM or MLM and receiver, but the concept remains in tact and between 
DKIM and A-R the technology standards exist to implement this kind of ecosystem 
(we may need a profile of A-R or a new header, something we should debate 
sooner than later).

-- Brett
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [dkim-ops] subdomain vs. cousin domain, John Levine
Next by Date:  Re: [dkim-ops] subdomain vs. cousin domain (when deploying"discardable"), Todd Lyons
Previous by Thread:  Re: [dkim-ops] subdomain vs. cousin domain (when deploying"discardable"), Todd Lyons
Next by Thread:  Re: [dkim-ops] subdomain vs. cousin domain (when deploying"discardable"), Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]