ietf-dkim
[Top] [All Lists]

RE: [ietf-dkim] Not exactly not a threat analysis

2005-08-23 11:46:09
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Russ Housley

Keith:

I thought you said that DKIM is the transmission signature 
and that S/MIME 
and OpenPGP offer the authoring signature.  Did I misunderstand you?

If there is consensus on this point, then this helps set the 
scope for the 
DKIM threat analysis and charter.

I think that there is a reasonbly clear consensus that DKIM v1.0 offers
a transmission signature.

I think that there is also a reasonably clear consensus that it does not
make much sense to try to extend DKIM to support encryption, either now
or in the future. It does not offer any real advantage over TLS at the
transport level or S/MIME and PGP at the message level.

I think that there is also a consensus that DKIM should not attempt to
reinvent PKIX or XKMS, either now or in the future.


The concept of an authoring signature is problematic in my view and I
don't think S/MIME or PGP solve it either. If Alice works for megaBank I
want a megaBank signature, not an Alice signature and not a megabank.com
signature. 

The capability of an email authentication mechanism is almost entirely a
function of the PKI that supports it. To upgrade from a transmission
signature to a more persistent or a more reliable signature we need to
change the backing PKI, not the message format.

I think that ultimately the way DKIM will be used is to provide
promiscuous authentication similar to the proposed promiscuous
encryption. I expect that there will be TTP servies applied at the
domain level and that most messages will end up carrying multiple
signatures and that each signature will potentially be resolvable
through multiple key distribution mechanisms. So we might use DNS key
retreival for in transit signature verification but also support XKMS so
that we have the ability to validate the signature six months later - if
the sender wants to support that.

I do not expect DKIM to lead to increased use of S/MIME for signature,
but done right I expect it to lead to ubiquitous use of PGP and S/MIME
for encryption. 


_______________________________________________
ietf-dkim mailing list
http://dkim.org