ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM in the MUA should not be the goal, just a side benifit

2006-04-19 12:21:26

On Apr 19, 2006, at 1:33 AM, Stephen Farrell wrote:

Douglas Otis wrote:

When a large portion of a country's population goes on vacation for 5

Exactly what portion is that?

What portion of the population would be enough to matter?

"The expected transit time of a message from originator to recipient" refers to transit latency where originators and recipients are typically people. A measure of "normal" or the mean of person to person email message transit latency will be within the realm of a few days at most. Concerns related to how long a key should remain available to protect this transit period must consider typically induced latencies due to common human behavior.

While machine to machine latencies are often measured in seconds, but still equipment failure recovery often gives up after 5 days. Transports beyond SMTP listed as being protected by DKIM carry the message to the recipient. These transports may suffer typical spikes in latency when a person is on vacation. Unusual behaviors will not be attractive, as the bad actor would have trouble knowing when to exploit this behavior. The question of expected transit time requires the consideration of what is "typical" human behavior. The DKIM charter appears to ask the question of expected transit times of messages between humans. The norm is not interesting, but social behavior is predicable.

The WG may conclude the mailbox following a vacation will not be assured protection based upon their inadequate recommendations. This would be unfortunate. A criminal could easily take advantage of such poor recommendations and run phishing expeditions during typical vacation periods. People, being social, often exhibit predictable behaviors that criminals often exploit. Going on vacation is a classic example. A person coming back from vacation finding urgent notices from their bank, who also learns messages do not verify after a few days, would be exposed to possible exploits that deliberately spoof such messages knowing many other valid messages will also not verify.

In a quote from the Cornell page:
"In Europe, vacation time often occurs in August--all of August! A European Union directive prescribes four weeks annual leave for all employees (EC 93/104 Art.7(1))."

Average Number of Vacation Days Per Year
Italy           42 days
France          37 days
Germany         35 days
Brazil          34 days
United Kingdom  28 days
Canada          26 days
Korea           25 days
Japan           25 days
U.S.            13 days

Source: World Tourism Organization (WTO).


I bet a beer that there are more Swedes that have an email address they never or sporadically read than there are Swedes that regularly read mail except for during their supposed 5-week offline. But that's as bogus as your assertion, since its also based on no data.

At this point in time, until some data supports the duration of the typical spikes in latency due to vacations, assuming the WG decides to protect recipients over their vacation, the recommendations made in Section 5.2 in the base draft should only explain what the key availability duration should cover, and not indicate that 7 days is okay. In my view, 7 day key availability is not adequate to protect emails to the recipient at the MUA. By assuring protection at the MUA, DKIM can offer protection once the sender starts signing their messages, and the recipient obtains an email client able to verify DKIM signatures. No other dependency would slow DKIM deployment and use. There would be no delay induced waiting for the deployment results header handling, for example.


If you've got a real distribution, then that'd be interesting. Deriving/divining a figure of 6.26 days without that isn't usefully more interesting. Maybe John would like ASRG to include this as part of their work.

The standard deviation figure was mentioned to explain that the nature of the distribution of the data must be considered before making conclusions about what a standard deviation implies. If the WG decides to protect individuals over their vacation, then the duration of these vacations could be assessed using statistics. Looking at POP polling intervals and running statistics on this information as a whole will overwhelm the information related to vacations. Looking for periods longer than a few days of no polling might provide suitable information. With the US typically taking short vacations, the more interesting data would also likely be found elsewhere.


Again, all this is an aside for us. There's no required correlation between x= and key life cycles. Please stop flogging that dead horse.

The x= parameter is a totally separate issue. Where have I conflated the two?

-Doug


_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>