ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM Threat Analysis v0.06

2005-08-12 09:17:25
per se.  If I can assert some measure of control over who
uses my domain  this has value in and of itself.

why?

how?

This is perhaps a little philosophical for the current purpose but this is how I look at it:

My domain is an asset owned by me - it is property that I own. Implicit in the ownership of a thing is the right (and duty) to control the use thereof. This duty stems from the fact that by owning a thing one is asserting responsiblity for it and is therefore expected to govern the thing owned in a societally responsible way. Since there is an expectation of proper governance and because one has asserted responsibility through the act of ownership, the right to control all aspects of ones own property follows naturally (this right is required to fulfill one's duty). This is why "because it's mine", although terse and rude, is nevertheless sufficient in answer to "why won't you let me take your car" etc... and it is sufficient in the context of *any* property ownership - including a domain name. Now, all that to say this: because the right to govern and control a domain name is intrinsic to the act of owning one - it derives this value internally. That's why I say "in and of itself". My logic might be fuzzy so please correct me where I've gone wrong.

As a practical application of this principle, although DKIM can't stop the spoofing of my domain, it can prevent the proliferation of spoofed emails to end users thus protecting my reputation and shielding users from whatever scheme the bad actors are currently up to in my name (this is an application of the 'societally responsible governance principle' of 'thing' ownership). Further, through the mechanism of DKIM and SSP, the receiving DKIM verifier has the ability to (a) validate legitimate signatures from me thereby assuring that I have asserted responsibility for the message content and selected headers and (b) know what my signing policy is thereby able to handle an unsigned or improperly signed message according to my wishes. This is, in my view, a measure of domain usage control which domain owners currently do not possess; the utility of which is not diminished simply because DKIM is not yet ubiquitous. DKIM is an important tool which can help a domain owner take responsibility for his domain seriously and properly.

The rest of your text in this paragraph was about broad
effects.  I think we need to describe lower-level,
more-mechanical effects.

Sorry 'bout that.  he he... I'm not being very helpful lately.

--
Arvel



_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim