ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc.

2006-03-16 10:46:19
from [Dave Crocker] [Permanent Link]
You just described a database of one entry, with a very specific *additional* semantic. This a) requires listing the domain name(s) to be assigned the semantic, and b) the semantic that goes with this. This all goes far beyond the DKIM base specification. 

You've deleted the key word: "local". We have no local database.


Yes, you do.
At any rate: 1) the issue was whether you have a database, not whether it was local or global, and 2) you treat cisco.com specially and this requires listing cisco.com specially. That listing is a database. 



We're just using the SSP semantics as defined to

This is flat out wrong too. When you forward, you change the From:
address. Mailing lists do not. Therein lies the problem: they are
indistinguishable from random spoofers.
You have confused some details that are different -- some of the time -- with DKIM requirements. Worst is that those requirements are not in the base specification. 

I can see that you're equivocating about "base".
It is odd that you would class an effort to improve precision and accuracy as 'equivocating'.
It is particularly unfortunate since you seem to be relying on facts and rules that have no formal status. Whether they ever will is an important question, but it is purely a matter of conjecture. 


 I've never claimed

that it was -base alone. It's -base in conjunction with -ssp. And
you still haven't refuted my point. Both you and John would do well
to actually get some real-life experience here.
Yeah. John and I do seriously lack real-world experience. Thanks for repeatedly pointing that out.
With respect to the point that I was making, there seems to be no concern whether manual re-posting breaks a signature, but a great deal of concern when that re-posting is by a user-level automaton. 

It has _nothing_ to do with humans and automatons. It has
to do with the purported From: address; mailing lists that
mangle messages are indistinguishable from any miscreant that might
You are conflating mailing list manipulation issues with SSP From field enforcement issues. The former is the topic for this thread.
And it would be interesting to see your response concerning the difference you seem to see, between breaking a signature for mailing list forwarding of individual messages, versus breaking a signature for messages contained in a mailing list digest. 

d/
--

Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Re: Concerns about DKIM and mailiing lists, etc., Michael Thomas
Next by Date:  Re: [ietf-dkim] Re: Concerns about DKIM and mailiing lists, etc., Dave Crocker
Previous by Thread:  Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc., Michael Thomas
Next by Thread:  Re: [ietf-dkim] Concerns about DKIM and mailiing lists, etc., Michael Thomas
Indexes:  [Date] [Thread] [Top] [All Lists]