----- Original Message -----
From: "John Levine" <johnl(_at_)iecc(_dot_)com>
To: "Wietse Venema" <wietse(_at_)porcupine(_dot_)org>
Cc: <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Sunday, August 27, 2006 11:41 AM
Subject: Re: [ietf-dkim] Re: Responsibility concerns with
DesignatedSigningDomains
Actually, I think the problem is that people want to read
way too much meaning into a DKIM signature. If a message
is signed by blah.com, all that means is "if you don't
like this message, blame blah.com." That's it. Despite
quite a lot of loud wishful thinking from people in my killfile,
....
You know John, your mail would be so more delightful and interesting to
read, as was this one, with valid points, if such ignorant and nonsense
statements was kept to yourself.
This is an important deliberate design decision. In my case,
for example, I expect to sign all the outgoing mail at my MTA
with my main domain, even though I have users who send mail in
about 200 vanity and small biz domains. So long as my users
behave, which they do, there is no point to trying to match
up signatures with From: lines and the effort to do so would
be so great that I wouldn't, anyway.
Fair enough.
But consider this:
The evolving bad actor will now know the existence of DKIM ready John.com
and like systems out there. They will know they have a way to blast mail
with a higher phishing confidence in attacks against other remote systems
around the world using your domains and user email addresses information.
Example: A phish/spoof to OTHER systems, not from your users or system.
From: User @ ChezJohn.com
To: PoorShmuck @ PhishingTarget.com
Subject: Some enticing topic
Sender: Joel @ TrustMe.com
DKIM-Signature: d=John.com; # fake/invalid 1st party
DKIM-Signature: d=TrustMe.com # valid 3rd party
So it is not just about *you* and how well behave your social network or
users are, but how bad actors very easilly begin to use *you* to exploit
others.
Finally, don't forget that recipients have great latitude in
their interpretation of DKIM signatures. If you don't think
that third party signatures tell you anything useful, you
can always ignore them.
That's very true. DKIM MUA Market will have a role. We have it planned to
update our Mail Readers to support DKIM too.
But so will the DKIM SMTP market have a major role too as the centralized
source for its user network.
The clear direction in the security market is to be more proactive in
preempting malicious behavior (default OFF). Passing the buck to the user
has been shown to not work very well. Of course, with smarter readers, it
will help. But we can't assume the market of users, especially those
outside your own social network, will be using the required special DKIM
MUA.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html