First, one needn't be phished (or wait to be phished) in order to be
motivated to protect one's domain (a key corporate asset) from
unauthorized use. My house has never been robbed, yet my doors all
have locks. Second, the fact that someone might errantly configure a
"I sign all" when they shouldn't must not stop us from providing
benefit to those who will properly understand and use the system.
I am quite fond of the house analogy, because our concept of home
security is actually pretty sophisticated.
For example, it represents a significant balancing act between
expense/complexity on the one side, versus perceived (and actual) risk
on the other.
Your house can be broken into. Quite easily. So can mine and pretty
much everyone else's.
We mostly understand just how easily. Yet we find the current level of
protection adequate.
We should keep that kind of balancing in mind, when we talk about what
kinds of security DKIM is expected to provide.
We should that kind of balancing in mind particularly when we find
ourselves tending to believe that it will provide extensive and basic
protection against determined and sophisticated attacks. It won't,
particularly with respect to interesting forms of phishing attacks.
Phishing fundamentally entails tricking humans. There is no known
technique -- computer-based or otherwise -- for guaranteeing that humans
will not be tricked. So the broad statements about the use of DKIM, in
the service of generically stopping phishing, are quitey simply invalid.
DKIM provides a very modest service.
That's what makes it useful.
The more ambitious are the goals for DKIM, the less likely that it will
be useful.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html