ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-10-31 09:00:44
from [Stephen Farrell] [Permanent Link] 

Eric,

Thanks for the review. Just focusing on your general
remarks:

Eric Rescorla wrote:

What I would have expected in a threat analysis of this type is that
one would start with a relatively broad view of the type of system
one was considering developing ("server-based message-based signatures
to prevent mail forgery") and then describe potential attacks on
such systems and the types of countermeasures that can be used to
protect against them. 

That is probably a fair criticism of the document taken in
isolation, but given that it was produced specifically to
meet a stated requirement for wg-formation, the "moving
target" defence is legitimate in this case.

However, I think out current draft charter does imply
moving the document more towards the analysis you'd like
to see, which is perhaps all that can be done at this
stage, so taking the doucment in tandem with the draft
charter, does IMO (promise to) handle this comment. Do
you agree?

> What I see here assumes that the system to
> be developed is essentially DKIM and asks how DKIM can be attacked.
> That's only somewhat useful for determining whether DKIM should be
> standardized and not at all useful for determining whether alternative
> designs would be inferior or superior.

Well, it does have *dkim* in the name, so I don't think you can
really ask that the document compare against all other potential
documented and not documented proposals. My point is that your
criticism seems to be taking the document in isolation once more
and not in its true context which at this point is the draft
charter.


[...]  I think that that requires a real argument
that this approach will be useful in stopping spam, not just
saying that stopping forgery is good and this stops forgery, so....


Can you help me understand what you'd consider a "real argument"?
E.g. if you can point at something in the literature or else
describe how such an argument would be structured?

One nit about your text though: if a claim were made that dkim
would "stop" spam, that'd be rightly criticised, which means that
its not fair to criticise dkim on the basis that it won't "stop"
this, that or the other. I'm sure you'd agree that were dkim to
be useful in reducing spam, then that on the face of it is a
worthwhile goal to try reach, so long as the inevitable costs of
doing something are sufficiently smaller than the costs of doing
nothing (where there's plenty of scope for argument of course).

Regards,
Stephen.

_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] is this a problem or not?, Ned Freed
Next by Date:  Re: [ietf-dkim] A potential problem with SSP bound to From, Michael Thomas
Previous by Thread:  Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01, Jim Fenton
Next by Thread:  Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01, Eric Rescorla
Indexes:  [Date] [Thread] [Top] [All Lists]