
RE: [ietf-dkim] Is accountability singular?

2005-08-24 17:00:09
I don't see the need for the group to consider this at all. There will
be messages that have various numbers of signatures. If people find that
additional signatures are unnecessary they will not check them; if they
are not checked, people will stop adding them. If, on the other hand,
people discover they are useful, they will use them.

I do not see the value of attempting to anticipate the market here. The
only mistake we can make here is to try to pre-empt a choice that should
be left to the market.

-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of domainkeys-feedbackbase02(_at_)yahoo(_dot_)com
Sent: Wednesday, August 24, 2005 4:06 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Is accountability singular?


--- Jim Fenton <fenton(_at_)cisco(_dot_)com> wrote:

In short, will signers be left in the dark wrt how relevant their
particular accountability claim is to subsequent recipients?

Mostly.  When reputation services arise a signer will be able to check
their reputation.

Should signers give directions to forwarders not to sign, so as not to
taint the "author" accountability? Seems like sometimes you might want
that, sometimes you might not.

I don't see how a forwarder's signature would ever taint the "author"
accountability, unless the forwarder breaks the original signature.  Can
you explain?

Email1 is signed by "Author" and arrives directly
Email2 is signed by "Author" and arrives via a signing forwarder.

Mike's post seems to suggest that the additional identity 
available via the second signature is useful extra input to a 
filtering system, thus the output of a filter could be 
different for Email1 and Email2 - all other things being equal.

So it appears that a signing forwarder could impact the 
outcome of a filter and one such impact could be negative.

I think this creates a dilemma for second-signers. Does their 
signature add value or subtract? Importantly, will they be 
treated as the responsible party or won't they? Do they want 
to be the responsible party or don't they? No one knows and 
at best we may offer guidance.

In the face of such a dilemma, I speculate that a significant 
number of potential second-signers may take the easy path and 
actively avoid signing if the email already has a responsible 
party. After all, why generate work?

My point? Second-signers aren't core to DKIM and they 
currently have little motivation and no obligation to add 
themselves into the responsibility and identity chain. Even 
conscientious second-signers might conclude that they have no 
way to determine whether they are doing more harm than good.

As it stands, the first-signer has strong motivation, the 
mechanism is well defined and the identity of the responsible 
party is clear. The second-signer has weak motivation, the 
mechanism is proving troublesome and the identity of the 
responsible party is muddied.

I'm not convinced that we should expend effort on 
second-signers until we're more certain of the cost/benefit.


Mark.
_______________________________________________
ietf-dkim mailing list
http://dkim.org


