Re: [ietf-dkim] Not exactly not a threat analysis
2005-08-23 13:54:55
Going back a lot of messages, but only a few hours (apologies if I'm
beating a dead horse):
Keith Moore wrote:
Part of the idea that DKIM seems to propose is that more than one
party can potentially sign a message. For instance, an author might
sign a message, or a list might sign the same message. But different
parties mean different things when they sign the message. If the
author signs a message, it means "I wrote this". If a list signs a
message, it means "I sent this".
But DKIM never gives an assertion of authorship (use PGP or S/MIME for
that). Even if there is a valid signature that is associated with the
origination address, it means "the supposed author's domain authorized
this message".
This goes to what we have been very generically calling first-party and
third-party signatures. The original submission of a message would
normally result in a first-party signature from the supposed author's
domain. A mailing list would apply a third-party signature, which can
be distinguished by the fact that i= does not match the originator's
address. There are other circumstances where third-party signatures
would be applied as well, but I can't think of why it would be
significant whether the third-party signer is a mailing list, some other
resender, or a greeting card or something.
BTW, a good reason for the local-part on i= is that it if the original
purported author and the mailing list are in the same domain, it's still
possible for the list to apply a signature and not have it look like a
first-party signature.
Is there other significance to signature semantics that is needed that
is not conveyed by the comparison of i= to the originator address?
-Jim
_______________________________________________
ietf-dkim mailing list
http://dkim.org
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-dkim] Not exactly not a threat analysis, (continued)
- [ietf-dkim] Is accountability binary?, domainkeys-feedbackbase02
- Re: [ietf-dkim] Is accountability binary?, John Levine
- Re: [ietf-dkim] Not exactly not a threat analysis,
Jim Fenton <=
- Re: [ietf-dkim] Not exactly not a threat analysis, Keith Moore
- Re: [ietf-dkim] Not exactly not a threat analysis, Jim Fenton
- [ietf-dkim] accountability, resenders, and replay, Tony Finch
- [ietf-dkim] Re: accountability, resenders, and replay, Jim Fenton
- [ietf-dkim] Re: accountability, resenders, and replay, Keith Moore
- Re: [ietf-dkim] Re: accountability, resenders, and replay, John Levine
- Re: [ietf-dkim] Re: accountability, resenders, and replay, Keith Moore
- Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood
- Re: [ietf-dkim] Not exactly not a threat analysis, Jim Fenton
- Re: [ietf-dkim] Not exactly not a threat analysis, Dave Crocker
|
|
|