ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)

2005-08-09 16:49:00
from [Earl Hood] [Permanent Link] 
On August 9, 2005 at 15:42, Michael Thomas wrote:


This is precisely what DKIM does.  It is the domain administrator who defin

es 

the DNS records used by DKIM and DKIM's granularity of the validated identi

ty is 

a domain name.


That is not correct. The local part of the i= is intended to
provide a binding to the local part of outside origination
headers, not just the domain part. Which is why it is,
in fact, a primary goal.


The setting of i= is under the control of the signing agent, which
does not have to be the author/sender.  If I understand Dave's (and
some others) view of DKIM, it is the domain owner who has the control
of setting i= (via the domain owner's signing process).

The granularity of the value of i= is solely up to the domain owner
and the internal (security) policies it defines when signing messages
submitted by the domain owner's users.

The only way the author/sender has control over i=, is if they have
control over DKIM signing software and are themselves the domain
owner (or have an agreement with the domain owner to control the
signing process).  But here, the whole signing/verification process
is still domain-based.

As DKIM is currently defined, the i= tag must also be a sub-domain
of the d= tag.  Therefore, the "identity" of the user is determined
by the domain owner and not the author/sender.

The strength of the identity specified in i= is completely up to the
domain owner, and only has meaning to the domain owner.  As noted in
the DKIM draft, the value of i= may not represent any address value
in a message header (e.g. rfc2822.from/sender).

Independent of the merits of DKIM, I think it helps to view it (and
other competing proposals) on who has control over the signing process
(and to a lesser extent the verification process).  This helps to
determine where accountability lies for a particular mail message.

In DKIM, the domain owner has ultimate control over the signing
process, not authors/senders.  Therefore, it is the domain owner who
has ultimate accountability.

--ewh
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] What's a replay?, Eric Allman
Next by Date:  Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft), Dave Crocker
Previous by Thread:  Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft), Jon Callas
Next by Thread:  Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft), Michael Thomas
Indexes:  [Date] [Thread] [Top] [All Lists]