ietf-dkim

Re: [ietf-dkim] Concerns about DKIM and mailing lists, etc.

2006-03-16 09:26:13


The signature that you are so worried about preserving is only useful if there is some database to consult about it.

That is flat out wrong. We are right at this moment rolling out our
implementation of DKIM at Cisco. We have no local database. We are
getting utility out of DKIM by assuring our users to some degree
that the From address/domain that they see can or cannot be trusted to
the degree that DKIM makes that trustworthy. Y! and now Gmail from
what I hear are doing the same.


It sounds as if you are imparting more requirements on the phrase "some database" than the term has on its own.

You just described a database of one entry, with a very specific *additional* semantic. This a) requires listing the domain name(s) to be assigned the semantic, and b) the semantic that goes with this. This all goes far beyond the DKIM base specification.

That this bit of database and semantic is easy to build is not the issue.

The issue is that it requires specifying the domain name(s) and treating them specially. That is a database.


And, as I've raised many times, I do not understand the compulsion to preserve a signature for a message that is re-posted by an automaton user agent, when there is no equivalent expectation of preservation, for a message that is manually re-posted -- such as when I forward a message on to someone else. The architectural role is the same. The semantics are the same.

This is flat out wrong too. When you forward, you change the From:
address. Mailing lists do not. Therein lies the problem: they are
indistinguishable from random spoofers.

You have confused some details that are different -- some of the time -- with DKIM requirements. Worst is that those requirements are not in the base specification.

With respect to the point that I was making, there seems to be no concern whether manual re-posting breaks a signature, but a great deal of concern when that re-posting is by a user-level automaton.

And, by the way:

1) Re-send is a form of user, manual forwarding.  It does not change the From.

2) Mailing list digests *do* change the From.

d/
--

Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
