ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?

2005-08-22 15:25:16
Douglas Otis wrote:

On Aug 22, 2005, at 11:02 AM, Scott Kitterman wrote:

So to narrow my previous attempt at a summary, you think that domain-wide assertions cannot be accurately made for mail addresses, but that it can for HELO/EHLO?



Accuracy is not the issue. While a domain-wide assertion may accurately issue requirements, the value of the assertion should be assessed against intended goals. Part of that assessment should include whether a goal is reasonably achieved, and weighed against administrative complexity and a potential for inordinate use of DNS. An assertion that HELO must verify with a CSA record where the same CSA record makes the assertion, achieves the goal of assured verification with low administrative complexity and low use of DNS.

It would seem to me then that effictiveness and usefulness of domain wide sender policy assertions is a matter for proper design. I think that saying that something must be well designed is not a reason to put it out of scope for the working group's initial efforts.

Binding a mailbox-address or mailbox-domain to a domain signature is not a goal, it is a mechanism. What is the intended goal? What is the selection process? What level of administrative effort will this entail? What level of DNS interaction is required?

Good design questions for the group to work on once it's chartered.

Such a domain-wide assertion could inhibit a zombie system from purporting to offer valid signatures when signing for other domains. It could also inhibit a zombie system from sending without a signature. What has been excluded? A goal of preventing unauthorized sending of email is accomplished with low administrative complexity and low use of DNS.

Yes.  An excellent reason to include such work in the charter.

In the same manner many use self-signed keys when accessing servers using SSH, the same type of local manual binding is possible once there is a domain signature. Should specific communications be important to the recipient where they wish to be alerted to _possible_ spoofing of these individuals or roles, perhaps the MUA could offer a button to remember the mailbox-address/signing domain/ opaque-identifier bindings. Any other message using that same mailbox-address that does not include this binding would cause a warning. While this approach is not iron-clad, it could help eliminate many of the common exploits. Often the recipient knows by other means whether this is a valid message to permit such initial assessments.

So you think that such a relationship can be established, at least in part, but that it's not suitable to put it in DNS?

I have yet to hear your explanation how abuse can be determined in advance.

I will say again that I don't think that's the point. The point is to detect forgery. Whilst strictly speaking operating outside the domain owner's stated sender policy isn't necessary exactly congruent with forgery, I'll take that as close enough.

And that it will be up to users to determine the relationship between the signing domain and the e-mail addresses and evaluate the legitimacy of the message?

When DKIM becomes widely deployed (which assumes stumbling blocks were not created), then simple features such as single click recording of typical mailbox-address/signing-domain/opaque-identifier bindings would make establishing a strong relationship a rather painless task. It would also instill confidence without making email more complex to use or entail a major portion of the Earth's available ram to support DNS.

It sounds to me like that's a long way of saying yes to my question. Is that right?

Scott Kitterman
_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>