ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Future uses of DKIM in Netnews (was: "I sign everything" yes/no)

2006-11-28 04:18:16
from [Charles Lindsey] [Permanent Link]
On Mon, 27 Nov 2006 16:20:32 -0000, Frank Ellermann <nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> wrote: 


Charles Lindsey wrote:


large numbers of posters routinely 'munge' their addresses (hopefully
also adding a '.invalid' at the end), and that will rather defeat the
intentions of DKIM.


I'm not sure what Phil's talking about, but I have usepro-06 in mind,
where you say that pgpverify (for control messages) is not exactly state
of the art.  Maybe a variant of DKIM could replace it (if server admins
got used to the idea because they see it in mail, and if DKIM works as
expected to some degree).
Well, it's getting a bit off topic, but the possibility of adapting DKIM-base for a future PGPVERIFY is one of the reasons I am on this list. But DKIM-base is not 100% suitable. You wouldn't want a header called "DKIM-Signed" for an application totally unconnected with DKIM, and you would not want the signing key to be based on a domain-name (a newsgroup-name such as news.announce.newgroups is traditional) and so you wouldn't be using DNS to publicize your keys. I raised some of these concerns in my "Introducing myself" thread when I first joined this list.
The other reason I am here is because of concerns over EAI. The MUST sign From is problematical there, as is the expectation that the CTE on the wire will have to be Base64 or Q-P for DKIM-base to work, which is exactly what EAI is trying to put behind us. 

Posters who know how a cancel works and intend to use it, moderators,
TLH admins, and other newgroup/rmgroup users don't munge their address.
Sure they won't. But that makes their addresses highly visible spam magnets (you should see the 100:1 spam:signal ratio that control(_at_)usenet(_dot_)org(_dot_)uk gets). But ordinary Usenet users, who are the ones Phil thought might use DKIM, find life much quieter if they don't use their genuine email addresses in From:.
So I don't think DKIM is really much use for routine use on Usenet, though there may be a few special-purpose needs for it. 

--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131     Web: http://www.cs.man.ac.uk/~chl 
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Re: ISSUE: Better definition of "DKIM signing complete" required, Hector Santos
Next by Date:  [ietf-dkim] Role of Sender header as signing domain, Charles Lindsey
Previous by Thread:  [ietf-dkim] Future uses of DKIM in Netnews (was: "I sign everything" yes/no), Frank Ellermann
Next by Thread:  [ietf-dkim] News FYI - Insider Threats, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]