Re: [ietf-dkim] Re: dkim service
2005-10-13 22:50:28
Dave Crocker wrote:
OK. Able is on your whitelist. Charlie is on your blacklist. Now
what?
I'm making this up as I go, but I suppose I would accept the
message: if someone I trust asserts responsibility for the message,
that's more important than the fact that that someone I distrust also
asserted responsibility.
'making this up as I go' is really exactly the problem. multiple
signatures moves from one entity taking responsibility to some unknown
combination of responsibilities, ensuring substantially greater
complexity in the overall system. What are the relationships among
the signers? How much does the validator care and in what way? etc.
Pardon my candor then: Of course I'm making this up as I go, because we
all know that this case isn't covered by the draft specifications.
The bottom line is that it's up to the recipient. I know this isn't a
very satisfying answer, and it may even seem evasive. But consider my
example, a non-munging mailing list that re-signs messages, in
conjunction with John's example, a known 419 domain.
Suppose you get a message from a mailing list you subscribe to that is
also signed by a known 419 domain. Do you want to accept that message?
It depends. Many people wouldn't, but someone who has some
responsibility for the list may. DKIM signatures are providing
information to the recipient, and the fact that the message was signed
by the list and by the 419er are both relevant pieces of information.
Now suppose that instead the list stripped the original signature but
signed an authentication-results header saying that the message had a
valid signature from the 419 domain. How does that make the decision
any easier?
d/
ps. the small matter of transitions, such as between different signing
keys, is really the argument that convinced me we needed multiple
signatures. but that is a "find one valid signature" rather than
:"analyze the relationship among multiple".
In that case, I would be more likely to overlap multiple selectors (key
records) than to use multiple signatures.
-Jim
_______________________________________________
ietf-dkim mailing list
http://dkim.org
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-dkim] Re: dkim service, (continued)
- Re: [ietf-dkim] Re: dkim service, Dave Crocker
- Re: [ietf-dkim] Re: dkim service,
Jim Fenton <=
- Re: [ietf-dkim] Re: dkim service, Hector Santos
- Re: [ietf-dkim] Re: dkim service, Dave Crocker
- Re: [ietf-dkim] Re: dkim service, Michael Thomas
- Re: [ietf-dkim] Re: dkim service, Dave Crocker
- Re: [ietf-dkim] Re: dkim service, Michael Thomas
- Re: [ietf-dkim] Re: dkim service, Dave Crocker
- on multi-signatures (was Re: [ietf-dkim] Re: dkim service, Amir Herzberg
- Re: on multi-signatures (was Re: [ietf-dkim] Re: dkim service, Stephen Farrell
- Re: on multi-signatures (was Re: [ietf-dkim] Re: dkim service, Arvel Hathcock
- Re: on multi-signatures (was Re: [ietf-dkim] Re: dkim service, Eliot Lear
|
|
|