ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Not exactly not a threat analysis

2005-08-23 10:34:06
Keith Moore wrote:

That's not sufficient unless signers who (re)transmit messages are clearly
distinguishable from signers who author content.  That would be a workable
solution, though I don't think it's desirable to overload addresses in this
way.

The primary deployment scenario for DKIM is to do the signing on the
submission server, so the signature doesn't necessarily identify the
message's author. I'd say the tag you want has at least three settings:
author / submission server / re-sender; and perhaps also smart host /
forwarder / list server. Etc. etc.

John R Levine wrote:

Because domains are run by people, some of whom do a much better job of
managing their mail than others.

That's a bit like saying that drivers in some states are better than drivers
in other states, so states should discourage bad drivers by blocking off their
borders with states with bad driving reputations.

DKIM should be able to operate at a much finer granularity than the IP
addresses of an ISP's outgoing relays.

Tony.
-- 
f.a.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.
_______________________________________________
ietf-dkim mailing list
http://dkim.org