On August 13, 2005 at 11:18, Keith Moore wrote:
> no, it doesn't follow. in particular, it presumes that the present "bad
> actors" and the future "bad actors" are similar, or that they're engaged
> in similar activity. it's entirely likely that authentication will
> change the behavior of bad actors, but that doesn't mean that bad actors
> won't benefit by signing mail.

Agreed. But we should not let it prevent us from addressing problems
when possible. Bad actors will always find ways to exploit systems,
so the realistic goal is to increase the costs to execute exploits,
minimize the attack vectors available, and minimize the damage when
exploits occur.

I definitely agree that much of the threat analysis that has been
provided is oriented around the DKIM solution; i.e. tailor the problem
to fit the solution.

To me, DKIM appears to only address the forgery problem. Dealing
with forgery will not eliminate undesirable mail (which btw, is
a subjective term), but can address the damage forgery can do to
identities being forged.

There are two general types of identities that can be forged
(wrt email): addresses and domains (have I left anything out?).
Therefore, when discussing solutions to forgery, any solution must
consider forgery wrt these different types of identities.

It may not be essential that any proposed solution address all types of
forgery, but the solution must not facilitate other forms of forgery.
For example, if a proposed solution addresses domain-based forgery,
the solution must not facilitate address-level forgery: bad actors
should not be able to exploit the "trust" of domain forgery protection
to perpetrate address-level forgery.

--ewh