[ietf-dkim] on the scope and necessity of threat analysis

2005-08-12 15:09:31
Note: I'm still trying to catch up with the previous traffic, but
there's so much of it (and so much irrelevant material) that it's
taking a while to do so.  The fact that the gzip'ed archives are (a)
incomplete and (b) not in RFC[2]822 format doesn't help.

Meanwhile, one thing I've noticed about everything I've seen so far
that purports to be a threat analysis is that they are trying to define
the threats in terms of the proposed solution.  That's backwards.  What
you need to do is explain what the real problem you are trying to solve
is, and then explain the degree to which DKIM does or does not solve
that problem. Saying (in effect) that the problem you are trying to
solve is to give people DKIM, and that DKIM solves the DKIM problem, is
not helpful.

I believe the problem that most of us are trying to solve is to reduce
the burden of undesirable mail on recipients and on the mail system,
without adversely affecting the ability of the mail system to carry
desirable mail. There are several kinds of undesirable mail, including
forged content, unauthorized (re)transmissions of authentic content,
unwanted advertising, and content which harms the recipient's system
(e.g. mail viruses).  There is some overlap between these categories.

I believe that most of us who are interested in working on DKIM are
doing so because we believe that DKIM will address this problem, or
part of this problem.  But it's important to understand, describe, and
examine which pieces of this problem we believe will be addressed by
DKIM, and which are not, so that we will then be in a position to (a)
suggest additional work and how it might interface with DKIM, and/or
(b) suggest how DKIM might be tweaked to better address that problem or
a well-understood part of that problem.  This effort is necessary both
so that DKIM can target its energies in a useful direction and so that
we will understand what is reasonably in-scope for a DKIM WG and what is
out-of-scope and should be done elsewhere.

We also need to state our assumptions.  For instance, it's widely
assumed that because much unwanted advertising today is forged content
and/or transmitted by unauthorized means, that an authentication system
that ameliorates one or both of these will reduce the amount of
unwanted advertising.  However, this does not follow, and there is good
reason to believe that the amount of unwanted advertising will actually
increase under these conditions.  We could discourage one set of bad
actors only to make conditions more favorable for another, much larger,
set.

It is unwise to take it as an axiom, or a matter of faith, that any
kind of authentication is a good thing.  We have seen several examples
of authentication systems, both inside and outside of the email world,
that turned out to be a poor fit for many of the authentication
problems that people needed to solve.
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim