
Re: [ietf-dkim] Re: Threat analysis kickoff

2005-11-16 15:27:19
Frank,

I'm having a little trouble figuring out how to use your comments. In some cases (2821-zoo) it appears you agree, in others it appears that you are describing new threats (zombie behind the checking agent) and others I'm not sure. Can you provide a list of threats that have not been mentioned which you think should be included?

Thanks

-Jim

Frank Ellermann wrote:

> Jim Fenton wrote:
>
>> For "countermeasures", I'd like to declare out-of-scope the
>> use of independent mechanisms such as SPF and CSV; I think
>> those apply more-or-less equally to all.
>
> Add DNSBLs and MTAMARK for a more or less complete 2821-zoo ;-)
> That's kind of obvious, only independent 2822 mechanisms like
> PRA could muddy the water.
>
>> In addition, I'd like to include a chart of threats with
>> their likelihood and impact rated as High/Medium/Low.
>
> It depends on how good DKIM will work (overall from a user's
> POV behind DKIM checks).  If it works really good the attackers
> will try everything to get some kind of "PASS" (bogus or true).
>
> They will try to get a zombie before the "signing agent" or
> behind the "checking agent".  If that fails they will pretend
> to have managed it anyway, with a "PASS" for their very own
> "eboy" domain of the day.
>
>> High: All users of DKIM should expect this attack on a
>>      frequent basis
>
> eboy is high.  Impact medium (?).  Nothing new or special if
> it's clearly documented everywhere.
>
>> Medium: Users of DKIM should expect this attack occasionally
>
> Zombie behind the "checking agent" could be medium, it depends
> on how that's organized by the receiving network, some TBD way
> to report results (e.g. header field and what MUAs do with it).
>
>> Low: Attack is expected to be rare and/or very infrequent
>
> Zombie "inside" ebay's network before the "signing agent" is
> FUBAR, and it would kill ebay.  Sooner or later somebody will
> manage to commit net suicide with DKIM => impact lethal, not
> only "high".
>
>> in the meantime, be thinking of attacks.
>
>                      Bye, Frank


_______________________________________________
ietf-dkim mailing list
http://dkim.org
