On Mar 13, 2006, at 5:23 PM, Jim Fenton wrote:
#7. s3.2.3 last sentence s/must be/should benefit from being/ The
"must" seems a bit strong.
I don't want to soften the statement too much; I have already done
so by saying that the identity has to be "fairly reliable". Is
this another of those places where I slipped out of character and
started to sound normative? I could instead say something like,
"reputation systems are dependent upon the use of an identity that
is, in practice, fairly reliable." Is that version better?
This aspect of identification becomes the basis for the disagreement
with respect to the impact on message replay abuse. Accruing fair
reputations indeed needs "fairly reliable" identifiers. In the case
of a signature, the nature of the abuse must also be limited to the
signed portion of the message.
This limitation creates a significant dilemma not considered in the
threat review. Both the frequency and the recipient of the message
must be excluded from a reputation assessment which emasculates any
DoS protections the reputation history should provide. When the
reputation accrual unfairly includes the envelope to restore DoS
protections, then the impact resulting from abusive message replay
affects the domain as a whole and should be deemed a high impact.
There is a solution that exists outside of DKIM, but must be mandated
in conjunction with DKIM, or recipients remain highly prone to DKIM
DoS attack.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html