ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-10-29 15:34:12
Earl Hood <earl(_at_)earlhood(_dot_)com> writes:

On October 29, 2005 at 06:44, Eric Rescorla wrote:

S 5:
   One of the most fundamental bad acts being attempted is the delivery
   of messages which are not authorized by the alleged originating
   domain.  As described above, these messages might merely be unwanted
   by the recipient, or might be part of a confidence scheme or a
   delivery vector for malware.

This seems to me to be too concrete. At a meta-level, the bad
act being attempted is the delivery of messages which the receiver
doesn't want to see (see Section 2 again).

Only the receiver knows what they want and do not want to see.

The bad act is the deliberate deception by the sender upon the
recipient to avoid accountability and/or obtain a false sense of
trust in order to entice the recipient to perform actions based on
that false trust.

A spam message does not mean that any identities are being spoofed.

Exactly. But forgery is not a significant problem outside of the
spam/phishing context. And outside that context it's arguable that
it would be better dealt with with something like S/MIME.


But doesn't this effectively say "DKIM (or any sender signing scheme)
doesn't work against attacks that attempt to involve impersonating
a specific source address"? What class of specific impersonation
attacks does this technology actually work against in practice?

"Exact" domain spoofing.  I.e. There is a desire to at least deal
with cases to avoid unauthorized use of an exact domain.  Look-alike
attacks are a much more difficult problem since human factors are
more involved.

Right, but the important question is whether the benefit of
reducing exact domain spoofing is of much value.

-Ekr



_______________________________________________
ietf-dkim mailing list
http://dkim.org