ietf-dkim

Re: [ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt]

2006-01-12 17:52:37
Stephen Farrell wrote:

> Doug,
>
> Thanks again for trying to be brief. I think it did make you
> easier to understand.
>
> Terminology:
>    The terms "open-ended" and "closed" authorization are defined as:
>
>       A basic function of email authorization referenced by way of an
>       identity is to influence the acceptance or rejection of a message.
>       The term "closed" indicates acceptance is based upon the identity
>       being found within a defined set of identifiers.  When acceptance
>       does not require that the identity be contained within a defined
>       set, this is described as open-ended authorization.  This
>       definition is not altered by the rating of messages once they are
>       accepted.
>
> I don't think the term authorization is being properly applied
> there. To me at least authorization is what's happening when
> a policy enforcement point uses a policy decision point to get
> a yes/no answer about some requested action.

I agree with Stephen; my disagreements over the use of the term
"authorization" for this are:

Let's compare DKIM without SSP with DKIM+SSP.  DKIM-base makes a
positive statement about messages that are signed.  Not that they're
"good" messages, but that the signing domain actually signed them.  If
the signature address matches some other header in the message, it's
claiming that it had that role -- sender, resender or "from" (presumably
the originator of the message).

SSP adds the ability to provide some advice on what to do about unsigned
messages.  It doesn't authorize anything -- depending on the policy, it
may determine that certain messages are "suspicious".  It never makes a
positive assertion.  A "signs some" policy is the same as not having SSP
at all; the other policies are more restrictive.

The threats here go something like this:

1. Attacker finds a domain that publishes a "signs some" policy (or
doesn't publish a policy at all, since this is the default, currently at
least).  Attacker spoofs these addresses, since it isn't possible for
the recipient to know whether they should have been signed.  This attack
exists whether or not SSP exists.

2. Attacker finds a domain that publishes a "-" policy (allows
signatures from other domains).  Attacker registers a disposable domain
and signs messages "from" the found domain using the disposable domain. 
Attacker may even add headers pretending that the disposable domain is a
mailing list or similar role.  The messages will appear to be legitimate
to the verifier, unless the verifier uses a reputation system (either
local or shared) to determine that the signing domain does this sort of
thing.

3. Attacker registers a bunch of domains to do attack #2.  This is more
of an attack on the reputation system than on DKIM itself.

So, to summarize, SSP only makes negative assertions: it calls certain
messages "suspicious".  Calling it an authorization system distorts its
role.

-Jim
_______________________________________________
ietf-dkim mailing list
http://dkim.org
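The verdict logic Jim describes (DKIM-base makes the only positive statement; SSP can add nothing but "suspicious") and the three threats, as an added example that is not code from this thread or from the DKIM/SSP drafts. The policy names "some", "all" and "strict" follow the message's own descriptions ("signs some" and the no-policy default, the "-" policy that accepts other domains' signatures, and the stricter policies); their mapping to real SSP record values, the domain names, the messages and the reputation list are all constructed for illustration.

```python
"""
Toy evaluation of DKIM verification results against an SSP-style sender policy.

Added example; not code from this thread, from the DKIM base draft or from the
SSP draft. Policy names follow the message's description: "some" ("signs some",
also the default when no policy is published), "all" (the "-" policy: every
message is signed, but the signature may come from another domain) and
"strict" (only the author domain's own signature counts). The mapping of these
names to SSP record values, the domain names and the messages are constructed.
"""

# Constructed SSP records, keyed by the author (From:) domain.
SSP = {
    "bank.example": "all",     # "-": always signed, third-party signers accepted
    "corp.example": "strict",  # tighter policy: only corp.example may sign
    "blog.example": "some",    # "signs some": same as publishing nothing
}


def lookup_policy(author_domain, ssp=SSP):
    """Return the published policy, defaulting to "signs some" when none exists."""
    return ssp.get(author_domain, "some")


def evaluate(author_domain, verified_signers, ssp=SSP, bad_reputation=frozenset()):
    """Combine DKIM-base results with the author domain's SSP policy.

    author_domain    - domain of the From: address.
    verified_signers - domains whose DKIM signatures verified (DKIM-base output).
    bad_reputation   - constructed local reputation list of signing domains.

    Returns (verdict, reason). "signed" and "third-party" only restate what
    DKIM-base verified; SSP itself contributes nothing but "suspicious".
    """
    policy = lookup_policy(author_domain, ssp)

    # DKIM-base's positive statement: the author domain really signed this.
    if author_domain in verified_signers:
        return "signed", "author domain signature verified"

    third_party = [d for d in verified_signers if d != author_domain]

    if policy == "some":
        # Threat 1: nothing says this message should have been signed, so a
        # spoof of a "signs some" domain cannot be told from legitimate mail.
        return "unknown", "policy does not require a signature"

    if policy == "all":
        if not third_party:
            return "suspicious", "policy requires a signature but none verified"
        flagged = [d for d in third_party if d in bad_reputation]
        if flagged:
            # Threats 2 and 3 are caught only by reputation, never by SSP.
            return "suspicious", f"third-party signer {flagged[0]} has bad reputation"
        # Threat 2: any verifiable signature satisfies the "-" policy.
        return "third-party", f"signed by {third_party[0]} under the '-' policy"

    if policy == "strict":
        return "suspicious", "policy requires the author domain's own signature"

    raise ValueError(f"unknown policy {policy!r}")


def run_threat_scenarios():
    """Walk through the attacks described in the message; returns the verdicts."""
    # Threat 3: the attacker churns through disposable signing domains, so a
    # reputation list only catches the ones it has already seen.
    seen_bad = {"throwaway1.example"}
    return {
        "t1_spoof_signs_some": evaluate("blog.example", [])[0],
        "t1_spoof_no_policy": evaluate("unlisted.example", [])[0],
        "t2_disposable_signer": evaluate("bank.example", ["throwaway2.example"])[0],
        "t2_with_reputation": evaluate("bank.example", ["throwaway1.example"],
                                       bad_reputation=seen_bad)[0],
        "t3_fresh_domain": evaluate("bank.example", ["throwaway2.example"],
                                    bad_reputation=seen_bad)[0],
        "unsigned_under_all": evaluate("bank.example", [])[0],
        "third_party_under_strict": evaluate("corp.example", ["list.example"])[0],
        "author_signed": evaluate("bank.example", ["bank.example", "list.example"])[0],
    }


if __name__ == "__main__":
    for name, verdict in run_threat_scenarios().items():
        print(f"{name:28s} {verdict}")
```

Note that the only verdict the policy lookup ever adds on its own is "suspicious"; the "third-party" outcome for the disposable signer under the "-" policy turns into "suspicious" solely because of the constructed reputation list, which is the point of threats 2 and 3 above.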
