ietf-822
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-822] one can re-sign without a permission to re-sign header

2014-04-30 10:55:29
from [Pete Resnick] [Permanent Link] 
On 4/26/14 10:56 AM, Ned Freed wrote:

I'd much rather pursue Pete's approach.

I like it too, but I haven't fully grasped it.  On the 16th he wrote:
If the originator's site is going to allow that, you could create a 
     mechanism where the originator's site gets some sort of
     cryptographic data from the mailing list site and include that in
     its signed message, such that when the eventual recipient gets the
     message, it can verify that it came from a mailing list site that
     the originator explicitly sent the mail to.
https://mailarchive.ietf.org/arch/msg/ietf/T823fjs5PWq2BjvOZ-FzZ5YMjSA
I assume the final message has a valid author's domain signature, 
  otherwise we need to modify DMARC.

Or override it.


The only way I see is that the
MLM, after message modification, sends the message or its hash back to
the author's site to get it signed.  That sounds too complicated, so I
must be missing something.
As I said to someone earlier, I take it that the author's site is allowing the author to have the mailing list resend a modified version of their message, whatever the modifications might be. So all that the mailing list needs is a short-lived token (probably signing the Date: and From: fields, maybe encrypted with the *mailing list site's* key), resigned by the mailing list site along with whatever the mailing list sees fit to sign, such that the eventual recipient can see that the message (a) came via the mailing list from the mailing list's site and (b) the mailing list got the message (some short time ago) from the author's site. That shouldn't require the mailing list to communicate with the author's site, but it might require the author's site to get something from the mailing list's site. 


Perhaps it's time for a more concrete proposal to be written down.
Ah, for a world with more time just to read these messages, let alone write down a proposal.
If there are others who have a handle on what I'm thinking about and want to work on this, I'm happy to spin up a WG to work this out. There's no way I'm going to be able to hold the pen on this, but I think I hear sufficient motivation to get this done. 

pr

--
Pete Resnick<http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478

_______________________________________________
ietf-822 mailing list
ietf-822(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-822
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-822] one can re-sign without a permission to re-sign header, Ned Freed
Next by Date:  Re: [ietf-822] one can re-sign without a permission to re-sign header, Douglas Otis
Previous by Thread:  Re: [ietf-822] one can re-sign without a permission to re-sign header, Ned Freed
Next by Thread:  Re: [ietf-822] one can re-sign without a permission to re-sign header, Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]