From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles Lindsey
Sent: Wednesday, November 15, 2006 6:43 AM
To: DKIM
Subject: Re: [ietf-dkim] Policy decision tree outcomes
On Tue, 14 Nov 2006 16:57:28 -0000, Hallam-Baker, Phillip
<pbaker(_at_)verisign(_dot_)com> wrote:
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles Lindsey
AXIOM-2 denied.
If it finds a satisfactory authentication from a signer with an appalling reputation, it should be _very_ suspicious.
In fact if the sender has a bad reputation I will not even bother to verify the signature, let alone the policy. I will return to this when proposing a processing algorithm for my policy mechanism.
The appalling reputations I have in mind are when the signer is a known spammer who tries to dupe people by providing a valid signature which has no value. Oddly, in this case, it would have marginally more value if verification failed.
This is an authorization decision, not an authentication decision.
If something purports to come from a sender with bad reputation it is going in the bit bucket whether or not it is authentic.
LEMMA-2: There is no value in distinguishing between any of the cases A, B, C, D.
AXIOM-4: There is no value in distinguishing between states that can be reached by an attacker.
AXIOM-4 denied.
Attackers can easily do bad things before the message is submitted to the MSA.
It is much harder to attack a message once it has left its originating MUA. You either need to have accomplices inside the ISP, or to be able to hack into it, or to have discovered a weakness in its procedures, ... .
This limits the states that attackers can easily reach, and verifiers are quite entitled to attribute more suspicion to the easier states.
OK, correction: no point in distinguishing between states that are reachable with an equal degree of difficulty.
But there may well be value in distinguishing the likelihood of some state being reached accidentally rather than deliberately. So you might conclude that C1 was more (or maybe less) likely than C2, according to your experience of how well genuine signatures survive on the real net. So if you are using SpamAssassin and applying a given score to a missing signature (case A), you might apply a different score to a failed signature (case B) and a different score again to an unacceptable signature (case D). And the score would in all cases be adjusted according to the SSP reported by the signer.
You can do that for a static analysis but it isn't going to work if the spammers adapt.
The point I was making here is that a spammer can create fake signatures of type A, B, C with roughly the same difficulty.
If we show that the corresponding 'legitimate' state is unlikely we can conclude that a message with that phenomenon is definitely a fake.
State A1 is the current norm; most messages have no signature. So A1 is likely.
State B1 occurs as the norm when a new signature algorithm is introduced, so B1 is likely.
State C1 currently occurs due to crappy intermediaries. So C1 is currently likely, but we can argue that over time the probability might change.
State D1 is certain to occur during a transition from a broken signature algorithm. People still use DES.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
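The processing order the thread argues about (a reputation gate before any signature verification, then the state of the signature, then a score adjusted by the signer's SSP), as an added Python example that is not part of the list discussion or of any DKIM implementation. The state labels A/B/C/D follow the thread (A = no signature, B = signature that cannot be evaluated, e.g. a new algorithm, C = signature that fails verification, e.g. mangled by an intermediary, D = signature that verifies but with an unacceptable algorithm). The per-state scores, the SSP vocabulary ("unknown", "some", "all"), the reputation floor, the flag threshold and the stand-in verifier are assumptions of this example; real verification would fetch the selector's key from DNS and check the b= value, which is deliberately not done here.

```python
"""Toy verifier-side decision procedure for the signature states discussed
in the ietf-dkim thread above.  Added illustration; not code from the list
or from any DKIM implementation.  State labels follow the thread:
  A  = no signature, B = present but not evaluable (unknown algorithm),
  C  = present but fails verification, D = verifies with a deprecated
  algorithm, OK = verifies with an accepted algorithm.
All thresholds, scores and the SSP vocabulary are assumptions of this example.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Optional

ACCEPTED_ALGS = {"rsa-sha256"}   # assumption: algorithms we currently trust
DEPRECATED_ALGS = {"rsa-sha1"}   # assumption: still verifiable, no longer acceptable (state D)
REPUTATION_FLOOR = -5.0          # assumption: below this we do not even verify
FLAG_THRESHOLD = 1.0             # assumption: a score at or above this is flagged

# Illustrative SpamAssassin-style scores; positive = more likely spam.
BASE_SCORE = {"OK": -1.0, "A": 0.5, "B": 0.2, "C": 1.0, "D": 1.5}

# Assumed SSP vocabulary: "unknown" (nothing published), "some" (domain signs
# some mail), "all" (domain claims to sign everything).  A missing or broken
# signature is worth a lot under "all" and almost nothing under "some".
SSP_ADJUST: Dict[str, Dict[str, float]] = {
    "unknown": {},
    "some": {"A": -0.4},
    "all": {"A": 2.0, "B": 0.5, "C": 1.0, "D": 0.5},
}


@dataclass
class Message:
    from_domain: str                # domain of the purported sender
    dkim_signature: Optional[str]   # raw DKIM-Signature header value, or None


@dataclass
class Verdict:
    state: Optional[str]
    score: float
    action: str
    verify_attempted: bool


def parse_dkim_tags(header: str) -> Dict[str, str]:
    """Split a DKIM-Signature tag=value list (';'-separated) into a dict,
    dropping folding whitespace inside values (e.g. a wrapped b= tag)."""
    tags: Dict[str, str] = {}
    for item in header.split(";"):
        key, sep, value = item.partition("=")
        if sep:
            tags[key.strip()] = "".join(value.split())
    return tags


def classify(dkim_header: Optional[str],
             verify: Callable[[Dict[str, str]], bool]) -> str:
    """Map a header (or its absence) onto A/B/C/D/OK.  `verify` is the
    caller's cryptographic check; it is only called for known algorithms."""
    if dkim_header is None:
        return "A"
    tags = parse_dkim_tags(dkim_header)
    alg = tags.get("a", "")
    if alg not in ACCEPTED_ALGS and alg not in DEPRECATED_ALGS:
        return "B"                  # e.g. a new algorithm we cannot check yet
    if not verify(tags):
        return "C"
    return "D" if alg in DEPRECATED_ALGS else "OK"


def decide(msg: Message, reputation: Dict[str, float], ssp: str,
           verify: Callable[[Dict[str, str]], bool]) -> Verdict:
    """Reputation first (a known-bad sender is discarded without any
    verification), then the signature state, then the SSP-adjusted score."""
    if reputation.get(msg.from_domain, 0.0) < REPUTATION_FLOOR:
        return Verdict(None, 10.0, "discard", False)
    attempted = []

    def counting_verify(tags: Dict[str, str]) -> bool:
        attempted.append(True)      # records that verification actually ran
        return verify(tags)

    state = classify(msg.dkim_signature, counting_verify)
    score = BASE_SCORE[state] + SSP_ADJUST.get(ssp, {}).get(state, 0.0)
    action = "flag" if score >= FLAG_THRESHOLD else "accept"
    return Verdict(state, score, action, bool(attempted))


def stand_in_verify(tags: Dict[str, str]) -> bool:
    """Constructed stand-in for real verification: a signature is 'valid'
    iff its b= tag is the literal VALID.  No key lookup, no crypto."""
    return tags.get("b") == "VALID"


# Constructed sample headers covering each state plus the bad-reputation case.
GOOD = "v=1; a=rsa-sha256; d=good.example; s=sel; h=from:to:subject; bh=xyz; b=VALID"
REPUTATION = {"good.example": 3.0, "spam.example": -9.0}
SAMPLES = [
    ("good, policy all", Message("good.example", GOOD), "all"),
    ("unsigned, policy all", Message("good.example", None), "all"),
    ("unsigned, policy some", Message("good.example", None), "some"),
    ("new algorithm, policy all", Message("good.example", GOOD.replace("rsa-sha256", "rsa-sha512")), "all"),
    ("mangled in transit, policy all", Message("good.example", GOOD.replace("b=VALID", "b=BROKEN")), "all"),
    ("old algorithm, no policy", Message("good.example", GOOD.replace("rsa-sha256", "rsa-sha1")), "unknown"),
    ("known spammer, valid sig", Message("spam.example", GOOD.replace("good.example", "spam.example")), "all"),
]


def run_samples() -> Dict[str, Verdict]:
    return {label: decide(msg, REPUTATION, ssp, stand_in_verify) for label, msg, ssp in SAMPLES}


if __name__ == "__main__":
    for label, v in run_samples().items():
        print(f"{label:32} state={v.state} score={v.score:+.1f} "
              f"verified={v.verify_attempted} -> {v.action}")
```

Two things the table of sample verdicts makes visible that the prose alone does not: the known spammer with a perfectly valid signature never reaches the verifier at all (the authorization decision precedes the authentication one), and the same state A scores 2.5 under a published "all mail signed" policy but about 0.1 under "some", which is the SSP adjustment the thread describes.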