ietf-dkim

RE: [ietf-dkim] user level ssp

2006-09-07 14:41:36
Oops, forgot one criterion,

* There is no valid signature

:-)

I think that there will be a lot of value in the 'no I mean it' modifier in the 
next couple of years. Eventually I hope we can fix the relays and everyone can 
mean it.

Another semantic difference is that if I see someone claiming to be a target of 
phishing and I see fake messages I am likely to want to report them.  

-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Steve Atkins
Sent: Thursday, September 07, 2006 4:32 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] user level ssp


On Sep 7, 2006, at 12:54 PM, Hallam-Baker, Phillip wrote:


[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Steve Atkins

On Sep 7, 2006, at 12:28 PM, Hallam-Baker, Phillip wrote:


[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of John Levine

Mostly +1

But there could be utility in the sender saying 'My email is at very
serious risk of being impersonated'.

What is that utility? Please expand on what behaviour you expect from
the recipient and how that will differ from the case where the sender
does not say that.

If I know that you are a self declared target of phishing and that the
consequences of letting a phish go through are considerably more
serious than a random impersonation spam I can adjust my spam filters
accordingly.

In particular I would expect to filter out ALL mail automatically in
the case that ALL the following apply:

  * The sender ALWAYS signs
  * The sender declares themselves to be at risk of phishing attack
  * The content is HTML
  * There are URIs in the body of the text message
  * The message has not been forwarded by a previously noted intermediary.

How does that differ from the case where:

   * The sender ALWAYS signs
   * The content is HTML
   * There are URIs in the body of the text message
   * The message has not been forwarded by a previously noted intermediary.

I guess that the real question is what's the difference between
"I always sign" and "I always sign and I get phished"?

The impression I'm getting, from several people, is that "I always
sign" is already being written off as likely to be ignored by
recipients and that there needs to be a "No, I really mean it!"
modifier?

Cheers,
   Steve

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

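The filtering rule listed in this thread (the five bullets plus the "no valid signature" criterion), evaluated over constructed messages as an added example that is not part of the original posts. The `policy` dict is a hypothetical stand-in for a published sender policy (the thread gives no wire format); the sketch also assumes the receiver's own verifier stamps an `Authentication-Results` header under the authserv-id `mx.example.net`, and that a "previously noted intermediary" is recognised by its own passing signature. All domains are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

URI_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def dkim_pass_domains(msg, authserv_id):
    """Domains with dkim=pass in Authentication-Results headers stamped by our own verifier."""
    passed = set()
    for ar in msg.get_all("Authentication-Results", []):
        first, *results = ar.split(";")
        if first.strip().lower() != authserv_id:
            continue  # not stamped by us: the sender could have forged it
        for res in results:
            m = re.search(r"header\.d=([\w.-]+)", res)
            if m and re.match(r"\s*dkim=pass\b", res):
                passed.add(m.group(1).lower())
    return passed

def criteria(raw, policy, known_intermediaries, authserv_id="mx.example.net"):
    """Evaluate each condition from the thread's list for one message; returns name -> bool."""
    msg = message_from_string(raw)
    author = parseaddr(msg["From"])[1].rsplit("@", 1)[-1].lower()
    passed = dkim_pass_domains(msg, authserv_id)
    leaves = [p for p in msg.walk() if not p.is_multipart()]
    body = "".join(p.get_payload(decode=True).decode("utf-8", "replace") for p in leaves)
    return {
        "always_signs": policy["always_signs"],        # hypothetical policy field
        "phishing_target": policy["phishing_target"],  # hypothetical policy field
        "is_html": any(p.get_content_type() == "text/html" for p in leaves),
        "has_uris": bool(URI_RE.search(body)),
        "not_via_known_intermediary": not (passed & known_intermediaries),
        "no_valid_signature": author not in passed,
    }

def filter_out(raw, policy, known_intermediaries, need_risk_flag=True):
    """True when ALL conditions hold; need_risk_flag=False drops the at-risk declaration."""
    c = criteria(raw, policy, known_intermediaries)
    if not need_risk_flag:
        del c["phishing_target"]
    return all(c.values())

# Constructed samples: unsigned HTML mail with a link, claiming a domain that always signs
FAKE = ("From: Support <support@bank.example>\nSubject: Account notice\n"
        "Content-Type: text/html; charset=us-ascii\n\n"
        '<html><body><a href="http://login.example.invalid/">Verify</a></body></html>\n')
SIGNED = "Authentication-Results: mx.example.net; dkim=pass header.d=bank.example\n" + FAKE
VIA_LIST = "Authentication-Results: mx.example.net; dkim=pass header.d=lists.example.org\n" + FAKE
```

With `need_risk_flag=False` the function evaluates the shorter list from the reply, so the two rule sets can be compared on the same message.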