ietf-dkim

Re: [ietf-dkim] Delegated signatures in real life

2006-08-29 17:24:08

On Aug 29, 2006, at 4:41 PM, Hallam-Baker, Phillip wrote:

Orbitz might not care about the security issues raised by allowing doubleclick to sign messages on behalf of their CEO and other executives. Many others will.

Why is that a security issue?

As I understand it, email sent by ceo(_at_)orbitz(_dot_)com where he
wants to assert that he is the author will use S/MIME or similar.

Domainkeys and friends specify who has taken responsibility for
an email, not the identity of the author. Anyone prepared to take
responsibility either directly or indirectly (by sharing their private
key or delegating control over some subset of their key publication)
can do that.

So... the idea that DomainKeys would be used to "sign" email, in
an S/MIME or PGP sort of sense, on behalf of an individual seems
somewhere between meaningless and nonsensical.

What am I missing here?

Cheers,
  Steve


This is a security area spec, least privilege must apply wherever possible.

-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of John L
Sent: Tuesday, August 29, 2006 6:18 PM
To: DKIM List
Subject: [ietf-dkim] Delegated signatures in real life

Here are the headers from a message that Doubleclick just sent
to my Yahoo account on behalf of Orbitz.  Note that the From:
address and DK signature are in email.orbitz.com, even though
it was sent by Doubleclick from a Doubleclick IP.  Yahoo
thoughtfully displayed a little note saying that the DK
signature was good when I looked at the message.  I also
include the key record, retrieved from Doubleclick's name servers.

Senders already use NS delegation to let third parties put on
first party DK signatures.  It works.  It's popular.  There
is no need to invent another way to solve this solved problem.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The
Internet for Dummies", Information Superhighwayman wanna-be,
http://www.johnlevine.com, Mayor "More Wiener schnitzel,
please", said Tom, revealingly.


X-Apparently-To: jrlevine2(_at_)yahoo(_dot_)com via 206.190.38.154; Tue,
29 Aug 2006 07:42:48 -0700
X-Originating-IP: [198.31.62.19]
Authentication-Results: mta162.mail.mud.yahoo.com
   from=email.orbitz.com; domainkeys=pass (ok)
Received: from 198.31.62.19  (EHLO mta.email.orbitz.com)
(198.31.62.19)
   by mta162.mail.mud.yahoo.com with SMTP; Tue, 29 Aug 2006
07:40:52 -0700
DomainKey-Signature: s=dk; d=email.orbitz.com; c=nofws;
q=dns;
b=nUvGhBPdC8bKVo8E/nLbHWcPJE7mFu83ePkSkmcE91EYdNUb7Wl4emekvK3t
kHzRCu1u94C7oWy5xX/HOjRBOkudiRdnWaTMkZmHypYllnuyUX71y7WhkeojckSbInn6;
Date: Tue, 29 Aug 2006 10:40:32 -0400 (EDT)
From: "Orbitz"<Orbitz(_at_)email(_dot_)orbitz(_dot_)com>
To: jrlevine2(_at_)yahoo(_dot_)com
Subject: Joe, Sale Ending & Rochester Flights from $142 r/t
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Length: 6278

(look for the key record)

$ dig dk._domainkey.email.orbitz.com txt

; <<>> DiG 9.3.1 <<>> dk._domainkey.email.orbitz.com txt
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23293
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;dk._domainkey.email.orbitz.com.        IN      TXT

;; ANSWER SECTION:
dk._domainkey.email.orbitz.com. 21600 IN TXT
"p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALdLXrYpY2RRUPHr6ph9jVnrFAY
vyNjEgGVRmxjiu2EUBEyQDKFOSiDzS00xN/HaIt5IknLJumgu/YdaHhHAgsnnO
RUV1JwDcOZ3Xo3Iz9cT3ojg4us6SpQhl01dVGS6dwIDAQAB\;"


_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
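The lookup John's headers imply, as an added Python example that is not part of the thread: it unfolds the DomainKey-Signature header, derives the key record name from s= and d=, parses the TXT record tag list (undoing dig's `\;` escaping), and compares the signing domain d= against the From: domain, which is the responsibility-versus-authorship distinction Steve draws. The header and key values are constructed stand-ins modelled on the post, not the real signature or key.

```python
import base64
import re

# Constructed stand-ins modelled on the headers and TXT record in the post.
# The b= value is a placeholder, not the real signature; the key is a dummy.
RAW_HEADERS = (
    'From: "Orbitz"<Orbitz@email.orbitz.com>\r\n'
    'DomainKey-Signature: s=dk; d=email.orbitz.com; c=nofws;\r\n'
    '\tq=dns;\r\n'
    '\tb=PLACEHOLDERSIGNATURE;\r\n'
)
DUMMY_KEY = base64.b64encode(b'constructed, not a real RSA key').decode()
KEY_TXT = 'p=' + DUMMY_KEY + '\\;'   # dig prints the trailing ';' as '\;'

def unfold_headers(raw):
    """Return {lowercased name: value}, joining folded continuation lines."""
    headers, last = {}, None
    for line in re.split(r'\r?\n', raw):
        if not line:
            continue
        if line[0] in ' \t' and last:
            headers[last] += ' ' + line.strip()
        else:
            name, _, value = line.partition(':')
            last = name.strip().lower()
            headers[last] = value.strip()
    return headers

def parse_tags(value):
    """Parse a 'k=v; k=v' tag list (signature header or key record).
    Zone-file output escapes ';' inside TXT data as '\\;', so unescape first."""
    tags = {}
    for item in value.replace('\\;', ';').split(';'):
        k, sep, v = item.partition('=')
        if sep:
            tags[k.strip()] = v.strip()
    return tags

def key_record_name(sig_tags):
    """DNS name a verifier queries: <s=selector>._domainkey.<d=domain>."""
    return f"{sig_tags['s']}._domainkey.{sig_tags['d']}"

def responsibility(raw):
    """Return (signing domain d=, From: domain, whether the two match)."""
    h = unfold_headers(raw)
    d = parse_tags(h['domainkey-signature'])['d'].lower()
    author = re.search(r'@([\w.-]+)', h['from']).group(1).lower()
    return d, author, d == author
```

Whoever controls the name servers for `dk._domainkey.email.orbitz.com` controls what `p=` the verifier sees, which is the delegation John describes; a mismatch between d= and the From: domain is exactly the case where the signature says nothing about the author.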
