Doug,
Douglas Otis wrote:
---[D: Overlooking a practical solution while also recommending a highly
unfair solution.]
,---
|4.1.4. Chosen Message Replay
|
| ... One approach to this problem is for the
| domain to only sign email for clients that have passed a vetting
| process to provide traceability to the message originator in the
| event of abuse.
'---
Unless there is an expectation that individuals obtain their own
certificates from a trusted authority, individual reputations on a
cost-free email-address would be completely futile and unfair as DKIM
does not necessary verify the valid use of an email-address anyway.
Another strategy not mentioned would be establishing a practice where
incoming signatures are overlaid with verification results.
Recommending an overlay practice should replace recommending the
impossible of establishing the reputation for individual
email-addresses. There is _no_ means that would be fair without using
individual CA certificates. The recipient domain can be fairly held
accountable for ensuring that incoming signatures are protected using
signature overlays. The vetting process would be made when deciding
whether it would be _safe_ to sign a message destine for a particular
domain.
Replay abuse can not assume the email-address associated with the
message had participated. There is _no_ fair means for holding an
email-address accountable! A domain or IP address must always be made
accountable with respect to any reputation scheme!
This appears to be a fairly pure rant. What's the suggested alternate
text? (And here's a hint: I doubt very much that it'd be useful to
suggest defining a new mechanism like the above in this section where
we're basically describing threats.)
Stephen.
_______________________________________________
ietf-dkim mailing list
http://dkim.org