On Apr 28, 2006, at 5:45 PM, J.D. Falk wrote:
On 2006-04-28 10:10, Douglas Otis wrote:
: The r= parameter is defined by the signer as a simple number
: of 0-9, where 0 is the default offering the lowest reliance
: level. To ensure control in the case of MUA signing, this r=
: parameter in the signature MUST always be less than or equal
: to the key r= level. If there are no r= parameters found in
: the key, the highest r= parameter allowed in the signature
: would be r=0. An instance where the key r= parameter is less
: than that of the signature, the signature is invalid.
One signer's r=3 might connote a level of verification equivalent
to another signer's r=8. So as a recipient, I'd have to keep track
of the domain, the selector, AND the r value...even though I'll be
making my reputation decision based entirely on criteria of my own
choosing. So, I might as well just ignore the r value.
Without conventions established for the use of this parameter, it
will offer only little value. Without conventions, only the reliance
parameter being greater than zero would be of any significance.
Conventions can recommend reliance levels for various types of
sources such as:
Administrators 9
Transactional email 8
Permanent Employees 7
Automated messages 6
Mailing lists 5
Domain Users 4
Bulk 3
Proxy Service 2
Transparent Service 1
Guests 0
With this type of list, a recipient wishing to annotate messages
would have a far better idea what level of reliance could be placed
upon a range of messages from an otherwise trusted and well-known
domain. Not all messages are trustworthy, even from a well-known
domain. Perhaps as a general practice, all domains would default to
receiving elevated annotation when exceeding a level of 5.
You're trying to fit reputation policy -- which is a sociopolitical
issue -- into a technical standard.
This is _not_ about reputation. This is confronting the issue that
not all messages from well-known domains are equally vetted. This
mechanism simply allows the well-known (and otherwise trusted domain)
to characterize the level of vetting that has been given their
sources. (Of course there would be greater damage to their
reputation should abuse be signed at a high level of reliance.)
This mechanism is to head off a highly counter-productive strategy
that adopts a plethora of domain-names that attempt to make these
same types of distinctions. Such a strategy further increases the
number of look-alike domains and perhaps overwhelm the average
consumer, while also greatly diminishing brand recognition. Brand
recognition is of tremendous value and is being protected by this r=
mechanism. If DKIM is to curtail the success of phishing attempts,
this r= (or something like it such as selector tagging) is vitally
needed.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html