ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] SSP and Sender header field

2005-10-24 15:51:15

On Oct 24, 2005, at 1:29 PM, william(at)elan.net wrote:

Is the latest charter going to be published soon?


Am I correct in reading the latest SSP draft that:
1. It changes the originator entirely to From and now instead of using Sender header field value (as per RFC2822) to decide cases of multiple
    From addresses, the first one in From header field is used?

This also changes an attack scenario into perhaps creating a non- displayed or confusing initial From email-address such as "The office of". The next step for SSP could be to rule out the use of the From header with multiple email addresses. After all, this draft already disallows typical emails being signed by a provider. Why were these changes not discussed? The desire to keep the signing entity visible makes S/MIME or OpenPGP seem less disruptive and safer from that perspective. Why replicate that effort?


 2. It changes the meaning of 3rd party to be entity other then who
    is listed in From who sends or resends the message and adds Sender
    header field?

It is worse than that, providers are not allowed to sign typical emails without creating a fair amount of support calls. I thought we were past this mistake.

2.9  Verifier Acceptable Third Party Signature
...
,---
| Verifiers SHOULD NOT accept signatures from identities
| that have no known relationship with the message other than their
| appearance in the "DKIM-Signature" header.
'___

This overlooks perhaps stelar conduct by the "third-party" signer.



The photo-kiosk at Wally World may not be able to send grandma the two dollar gif photo of the kids on the Moose ride after-all, even after signing the message and adding the Sender header. The photo- kiosk has no control over From policies or what is white-listed by the recipient. This lowers delivery integrity for messages within a large segment of the industry, where name-based reputation and listing would have provided significant value.

SSP seems determined only the From and perhaps the Sender headers matter. The From header may have a minor relationship with who is introducing the message and no relationship with who is signing the message. If "phishing" were solved as a special case for a small number of troubled domains, would DKIM protecting the email message transport system rather than a particular header then make sense? If the effort is to ensure the signing entity is visible, an interim "special case" with a dedicated service for DKIM could be established, otherwise OpenPGP or S/MIME might be better used instead.

-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org