ietf-dkim

Re: [ietf-dkim] DKIM in the MUA should not be the goal, just a side benefit

2006-04-18 21:54:46

On Apr 18, 2006, at 6:56 PM, Stephen Farrell wrote:

> Douglas Otis wrote:
>> If 7 days provides for the SMTP transport, and people in Sweden and France want to verify messages following their 5 week vacation, then this would require a minimum of 42 days of key availability. The suggestion for 45 days provided an additional 3 days to assure availability following such a vacation.
>
> Eh... That's nonsense. You may as well say that if I choose to stay offline for a year, then everyone has to abide by that and leave keys lying about until I'm back.

When a large portion of a country's population goes on vacation for 5 weeks (or maybe all of August), as provided by local laws, 90% of the time they would have normal access to their email. This would significantly affect the distribution of transit delays. A message verified at the MUA, where keys are removed every few days, would then expose these individuals to the fraud DKIM could have prevented, even when only checked at the MUA. August may become a phishing season. :(


> If you knew the distribution of transit times based on some reasonable sample, then I'd listen. Presumably there's a bell curve in there and we could argue about how many std. devs. to ask signers to take into account. Anything less soundly based is only as good as our charter, i.e. "a few days at most" so we may as well stick with that.

"A few days at most" is _not_ what the charter says.

"... the expected transit time of a message from originator to recipient, which is normally only a matter of a few days at most."

Most engineers would read this sentence differently, looking for what is being measured. Normal latency is _really_ not important nor a significant consideration for establishing a limit.

Consider a European work schedule with an 8 hour work day 5 days a week, where email access is obtained from a system at the work place. The standard deviation for email access latency would be about 50 hours. Key availability needs to accommodate the possible SMTP latency of 7 days + access latency where 16/48 hours may be the predominant latency. This latency would suggest 99% of an area under a Gaussian bell curve or normal distribution would be encompassed by adding an additional 6.26 days to that needed for SMTP latency. The problem with this conclusion is that the distribution caused by a vacation is _not_ Gaussian.

> Ostensibly non-arbitrary vacation rules don't count. The fact that you forgot maternity/paternity/parental leave e.g. in Bayern or Ireland and the fact that those durations differ and change outside the control of the IETF are all exceptionally good indicators that you're basically way off base.

Human behaviors are always outside the control of an IETF standard, however a protective standard should accommodate typical human behaviors. In some countries, a human-induced latency within the MUA transport may commonly extend for better than a full month, where the mean is still 50 hours.

-Doug




_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
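
The key-retention argument in the message above, worked as an added example (not part of the original post or of any DKIM specification). It uses the post's figures of 7 days for SMTP transport, a 50-hour standard deviation for access latency and a 5-week vacation; the half-normal routine model, the uniform vacation-return model and the 20% vacation share are assumptions constructed for illustration.

```python
from statistics import NormalDist

# Figures taken from the post.
SMTP_MAX_DAYS = 7       # allowance for SMTP transport
ACCESS_SIGMA_H = 50.0   # std. dev. of workplace email-access latency (hours)
VACATION_DAYS = 35      # five-week vacation

_STD = NormalDist()     # standard normal, used for the routine-access model


def routine_cdf(hours):
    """Assumed model: routine access latency is the magnitude of a
    zero-centred normal with sigma = 50 h (a half-normal)."""
    if hours <= 0:
        return 0.0
    return 2.0 * _STD.cdf(hours / ACCESS_SIGMA_H) - 1.0


def vacation_cdf(hours):
    """Assumed model: mail arrives at a uniformly random point during
    the vacation and is first read on return."""
    return min(max(hours / (VACATION_DAYS * 24.0), 0.0), 1.0)


def verifiable_fraction(retention_days, vacation_share):
    """Fraction of recipients whose MUA first sees the message while the
    key is still published, after the worst-case SMTP delay is spent."""
    budget_h = (retention_days - SMTP_MAX_DAYS) * 24.0
    return ((1.0 - vacation_share) * routine_cdf(budget_h)
            + vacation_share * vacation_cdf(budget_h))


def min_retention_days(target, vacation_share, limit=365):
    """Smallest whole number of days of key availability that reaches
    `target` coverage, or None if `limit` days is not enough."""
    for days in range(SMTP_MAX_DAYS, limit + 1):
        if verifiable_fraction(days, vacation_share) >= target:
            return days
    return None


if __name__ == "__main__":
    for share in (0.0, 0.2):   # 0.2 is a constructed vacation share
        days = min_retention_days(0.99, share)
        print(f"vacation share {share:.0%}: {days} days for 99% coverage")
    # Coverage of the Gaussian-only window (7 + 6.26 days) once 20% of
    # recipients are on vacation.
    print(f"{verifiable_fraction(7 + 6.26, 0.2):.3f}")
```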
