The IESG has approved the following document:
- 'Analysis of Threats Motivating DomainKeys Identified Mail (DKIM) '
<draft-ietf-dkim-threats-03.txt> as an Informational RFC
This document is the product of the Domain Keys Identified Mail Working Group.
The IESG contact persons are Russ Housley and Sam Hartman.
A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-dkim-threats-03.txt
Technical Summary
This document provides an analysis of some threats against Internet
mail that are intended to be addressed by signature-based mail
authentication, in particular DomainKeys Identified Mail (DKIM). It
discusses the nature and location of the bad actors, what their
capabilities are, and what they intend to accomplish via their
attacks.
Working Group Summary
The DKIM WG easily reached consensus on the specific threats and on
how to document them. A couple of participants had concerns that the
document contained insufficient detail or was restricting design
options, but these participants also want the DKIM WG to move on to
protocol design.
Protocol Quality
As this is a threat analysis, there are no implementation issues. The
DKIM WG chairs solicited review from some current and former IAB
members, and received review from one, who was not totally pleased
with the document, nonetheless he helped improve it. The main issue
with such an analysis is that one can never know when the work is
complete. The DKIM WG did expend significant effort on this document
both in creating text and review.
This document was reviewed by Russ Housley for the IESG.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html