ietf-dkim
[Top] [All Lists]

RE: [ietf-dkim] SSP security relies upon the visual domain appearance

2005-11-18 09:24:49
Add my agreement, policy should be at the discretion of the signer.

Bill Oxley 
Messaging Engineer 
Cox Communications, Inc. 
Alpharetta GA 
404-847-6397 
bill(_dot_)oxley(_at_)cox(_dot_)com 


-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of John Levine
Sent: Friday, November 18, 2005 11:12 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] SSP security relies upon the visual domain
appearance

The "From:" header should not be signed if it contains more than one 
sending address. ...

Does anyone see such a statement as causing a problem?

I see it as needless and futile micromanagement.  The point of a DKIM
signature is that the signer is taking responsibility for the message.
The only semantics that a DKIM signature has is "blame us if you don't
like this message."  That's it.

We don't know all of the reasons that a signer might legitimately want
to sign multiple From: addresses, nor do we know all of the ways that
a bad guy might try to trick someone into signing his message, with
multiple From: addresses being rather low on that list.  

I could easily imagine an SSP-like system limiting itself to a subset
of otherwise syntactically valid messages, e.g. only one address in
the From: line, sender matches signer, or any of a host of other
rules.  But for the basic DKIM, a signer can sign anything he's
willing to, and please leave it at that.

R's,
John

_______________________________________________
ietf-dkim mailing list
http://dkim.org

_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>