ietf-dkim

Re: [ietf-dkim] r= for instilling good domain-name practices

2006-04-29 15:06:15
On Sat, 2006-04-29 at 14:40 -0400, John L wrote:

> Since we don't know what the arguments to r= mean, I don't understand why
> r=xxx is better than xxx._domainkeys.foo.org, in both cases with an xxx
> that means nothing unless you happen to have a side agreement with the
> sender.

The text for the r= parameter indicated that as the number increases,
the recommended annotation levels made by the signer also increase.
With a selector, relative assurances do not exist.  A selector for this
purpose also requires that key selection be tied to the level of the
recommendation, where it may be simpler to add this as an independent
parameter, especially when messages are being signed at the MTA.


> More to the point, systems to evaluate the reputation of a sender or
> signer are utterly, completely out of scope for the DKIM project.

The assurance being made by the signer has _nothing_ to do with
reputation.  This r= parameter relates to annotation recommendations
made by the signing domain for a particular message.  Within a
particular domain, some sources of messages will be considered by the
signing-domain as more trustworthy than others.  Only the signer can
reasonably make this indication.  With this parameter, the recipient
must still trust the signer, but the signer also indicates their level
of trust for the source, thus increasing security.

Perhaps this message is to inform customers about the availability of
recommended browser plug-ins.  It would be important for a responsible
signer that these messages not be confused with other messages that
might also be signed, but are from less well vetted sources.  Until
conventions are established, perhaps a general guideline could be
initially established of not offering elevated annotations for messages
with an r= level below 6.

> As we keep reminding ourselves, a valid signature from foo.org means
> no more or less than "you can blame foo.org if you don't like this."

This parameter is _not_ about reputation, it is about improving
security.  This r= parameter is a recommended trust-level annotation for
a message from an otherwise trusted, well-known domain.  Few, if any,
domains should be considered to only sign messages from sources given
uniform vetting.  Whether this is a financial institution or a large
ISP, there are some sources within these domains that should _not_ be
annotated with a uniform level of trust.  The r= parameter allows the
signer a method to inform the recipient of the level of trust the sender
recommends for the source of the message.

This r= parameter should prevent a practice of inventing oddly named
domains that attempts to make the same distinctions that can be far more
safely made using the r= parameter.  This parameter is not about
reputation, this is about safety and security.

-Doug
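
The following is an added example, not part of the original message or of any DKIM implementation: a sketch of how a recipient could act on the r= tag as proposed in this thread, applying the suggested floor of 6 for elevated annotations. The annotation labels ("none", "basic", "elevated"), the function names, the trusted-domain set and the sample headers are assumptions, and signature verification itself is assumed to happen elsewhere.

```python
import re

ELEVATED_MIN_LEVEL = 6  # guideline floated in the message above, not a standard

def parse_tag_list(value):
    """Parse a DKIM-style 'tag=value; tag=value' list, tolerating header folding."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", value)
    tags = {}
    for item in unfolded.split(";"):
        if not item.strip():
            continue  # trailing ';' is allowed
        name, sep, val = item.partition("=")
        name = name.strip()
        if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9_]*", name):
            raise ValueError(f"malformed tag: {item!r}")
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        # base64 values may contain folding whitespace; other values are trimmed
        tags[name] = re.sub(r"\s+", "", val) if name in ("b", "bh") else val.strip()
    return tags

def recommended_level(tags):
    """Signer's r= level as an int; absent or non-numeric values count as 0."""
    raw = tags.get("r", "")
    return int(raw) if re.fullmatch(r"[0-9]{1,3}", raw) else 0

def annotation(header_value, signature_valid, trusted_domains):
    """Pick an annotation for a message given its DKIM-Signature header value.

    signature_valid is the outcome of real DKIM verification done elsewhere.
    """
    try:
        tags = parse_tag_list(header_value)
    except ValueError:
        return "none"  # unparseable header: treat as unsigned
    if not signature_valid or tags.get("d", "").lower() not in trusted_domains:
        return "none"  # r= means nothing unless the signer is already trusted
    if recommended_level(tags) >= ELEVATED_MIN_LEVEL:
        return "elevated"
    return "basic"

# Constructed sample header values (the keys and hashes are placeholders)
SAMPLE_VETTED = "v=1; a=rsa-sha256; d=foo.org; s=mta1; r=7;\r\n\tbh=AAAA; b=BBBB"
SAMPLE_UNVETTED = "v=1; a=rsa-sha256; d=foo.org; s=mta1; r=2; bh=AAAA; b=BBBB"
SAMPLE_NO_R = "v=1; a=rsa-sha256; d=foo.org; s=mta1; bh=AAAA; b=BBBB"
```

Because r= sits inside the signed header in this sketch, a level is only honoured after the signature verifies and the signing domain is one the recipient already trusts; a missing or malformed level falls back to the lowest treatment.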



