On August 13, 2005 at 19:13, Michael Thomas wrote:
> PS: but even then, it doesn't show that the problem will be
> "worse", which is what I was commenting on.

I do not think anyone can positively state things will get worse,
but there is always a risk. And the risk is greater if the system
is not implemented well. The real answer will not be known until
something is tried, since predicting what spammers will do tends to
be an exercise in futility.

What is important is to understand exactly what DKIM tries to solve:
the identity forgery problem. If people can agree that the identity
forgery problem is a serious enough problem to address, then something
like DKIM is worth trying, especially if the solution costs less than
letting the problem persist.

(Side Note: From an analytic perspective, it is worth noting
why protocols like S/MIME and OpenPGP are not suited to deal with
this problem in order to justify the existence of DKIM.)

The specification as it exists right now has some holes in it, but
these can be filled. Care must be taken to ensure that DKIM, or any
other proposal that attempts to address forgery, does not create new
avenues of exploitation.

This ties into my address-based versus domain-based forgery. DKIM is
domain-based, but as it exists now, it actually will facilitate
address-based forgery. This will hopefully be corrected in the next
draft revisions, which has been noted in other discussion threads.

We also cannot be naive to assume that bad actors will not use email
authentication themselves. Not all bad actors in the spam domain are
forging their identities, or even care to. Address/domain identity
is not a very strong form of identification. Getting from an email
address to a real person is not necessarily an easy task, and spammers
know this.

BTW, it may help to stop mentioning DKIM as an anti-spam measure,
and only refer to it within the context of the problem it actually
addresses: email identity forgery. Of course, people will make
inferences that DKIM is an anti-spam measure, but DKIM documents
should not even mention spam.

--ewh