ietf-dkim

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-11-01 12:27:18
Arvel Hathcock <arvel(_at_)altn(_dot_)com> wrote:

Since the people I know involved with DKIM expect it
to be plenty useful without third party reputation services,
I'm not sure what your point is.

Well, they may expect it to be, but I haven't heard any arguments
along those lines that I find convincing.

Really??  If I see a message which is DKIM signed by iecc.com and
iecc.com is on my "DKIM white-list", this is pretty useful info, right?
I can probably get away with relaxing or even skipping heuristic spam
filtering on that email with a fair degree of comfort.  How is the
utility of that in any way unclear?

The scenario you cite is likely of *some* utility but it's not clear how
much, or if it exceeds the cost of implementation and design. The answer
to that question depends on (at minimum) (1) what the false positive
rate would have been without the whitelisting, (2) the degree of
predictability about whitelist contents (for attackers), and (3) the
level of zombie infection--or more precisely potential zombie
infection--of the domains which are on the whitelist. It's not clear to
me that we have good data on any of these questions, let alone an
analysis that incorporates all of them.

-Ekr






_______________________________________________
ietf-dkim mailing list
http://dkim.org