ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] New DKIM threat analysis draft

2005-10-06 17:36:23
from [Jim Fenton] [Permanent Link] 
Amir Herzberg wrote:


Jim Fenton wrote:
I have just submitted a new threat analysis of DKIM as an Internet Draft. Hopefully this will form the basis for a meaningful discussion on the utility and effectiveness of DKIM that were voiced at the last BoF. 


I think it is very good.
I have only one real reservation. In section 6.3, discussing the message replay attack, esp. in 2nd paragraph... It is presented as if DKIM cannot be applied against replay since replay is indistinguishable from acceptable acts e.g. forwarding. This is not necessarily true. A legitimate application of DKIM may require senders to indicate specific recipient; this would allow replay prevention, of course in the price of requiring additional support to deal with legitimate forwarding. I'm not suggesting DKIM should be modified to support that, indeed this is not required at DKIM level at all, but I think the text now seems to exclude this usage, and this should be fixed imho.
What matters here is really the envelope-to address. There are some fairly large obstacles to signing the envelope-to address, including the fact that it's not available to MUAs and the fact that it gets changed when a message is legitimately forwarded, so I'm not sure how this would work. Can you provide more details of what you have in mind? 



Here are few additional, minor comments:
1. You use the term `zombie` without definition in p. 2, then `compromised computers` later (in 5.1)... pick one; my suggestion: use `zombie` and in the first use, add `(compromised computers)`. 

Good idea.



2. First paragraph of 4.1: I think should be clarified.


I'll try, but if you have some text to suggest that would be helpful.



3. First sentence of 4.3: s/with/within/


Thanks.
4. Last paragraph of 4.3: this is only MTA-MTA or MTA-MDA authentication, so I think we should explicitly recommend cryptographic authentication of submitting MTA, e.g. using SSL or IP-Sec. Or do you really think SMTP AUTH is better here?
SMTP AUTH was just meant as one example. What technique is actually used is at the discretion of the recipient domain, and whether it needs to be cryptographic or not depends on the security of that domain.
5. In 5.2.1: last sentence is imho misleading. Such malware usually/often does not use the email address of the owner of the infected machine, but selects other email addresses as sender, to avoid detection. In this case, DKIM may help. I also think the term `malware` is better than `worm` here. 

I prefer 'malware' too.

Thanks!

-Jim
_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] draft-fenton-dkim-threats-00, Jim Fenton
Next by Date:  Re: [ietf-dkim] draft-fenton-dkim-threats-00, Dave Crocker
Previous by Thread:  Re: [ietf-dkim] New DKIM threat analysis draft, Dave Crocker
Next by Thread:  Re: [ietf-dkim] New DKIM threat analysis draft, Amir Herzberg
Indexes:  [Date] [Thread] [Top] [All Lists]