On Jan 19, 2006, at 5:21 PM, Jim Fenton wrote:
The section 3.2. Use of Specific Identities constrains itself to what
the recipient sees in every case. Concerns related to fallibility of
humans being able to remember and recognize these identifiers would
be an attack on the identity or SSP, but _not_ DKIM. These issues
are important from the perspective of usurping the use of an identity
which is the topic of this section. When relying upon humans to
preform a validation of the identifier, it would appropriate to
discuss the frailness of this validation within this section. At
least reference these other sections.
Much of this is covered on 4.2.1. I suggested monitoring domain
registrations rather than defensive acquisition of similar domain
names as I think the monitoring will be needed by high-value
domains regardless.
By the time a look-alike domain is noticed, much of the damage may
have already been done. Many of these attacks could be measured in
hours. There are many registrars involved and thousands of possible
names. How timely will the potentially conflicting domain-names be
reported, and how quickly can this domain be removed? Don't overlook
the record TTLs. To be effective in a timely manner, services need
to be stopped by the network provider. The timeliness would then
assume providers can be contacted immediately, and that they
understand and believe the request to be legitimate.
Keep in mind, a recognition scheme used in conjunction with DKIM
never suffers from this susceptibility. There would be no emergency
calls to Korea at 3 AM local-time, or keeping tabs on or the
registering of thousands of possible names. In the threat draft, it
would be good to clarify what is being attacked. DKIM does not have
this problem, SSP does.
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org