Arvel Hathcock wrote:
Here's what I think (sorry, posting too much I know):
What you need to do is explain what the real problem
you are trying to solve is, and then explain the degree to
which DKIM does or does not solve that problem.
Here's the real problem I would like to solve: (Domain owner speaking
here): Recipients of messages from my domain currently have no method of
verifying whether the message conforms to my sending policy or not; nor can
they know whether the content of the messages sent from my domain are as
they were intended to be. I'd like to be able to solve those problems.
I think you're still stating this somewhat in terms of DKIM when you
refer to "sending policy" because the notion of sending policy is
heavily tied to certain assumptions about implementation. Why not
simply say that you want recipients to be able to know that a particular
message content that purports to be from an author in your domain was
written or authorized by that author, that the content of the message is
as it was written, and that the transmission of the message to the
recipient was authorized?
It is unwise to take it as an axiom, or a matter of
faith, that any kind of authentication is a good thing.
We have seen several examples of authentication
systems, both inside and outside of the email world,
that turned out to be a poor fit for many of the
authentication problems that people needed to solve.
Authentication is always and everywhere a good thing but you're right
when you say that some authentication techniques fit better than others
for various applications. A signature based system seems to me to be
the perfect fit for electronic mail.
Email authentication is not a good thing if either (a) it's such a poor
fit for the problems that people need to solve that it costs more (in
money or time) than it's worth, (b) it is so easily defeated that it
provides a false sense of security, or (c) it provides misleading
indications of authentication failure so often as to adversely affect
email reliability. I think it can be fixed, but IMHO DKIM is currently
in danger of meeting criteria (a) and (c) for being a bad thing.
Keith
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim