ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] Deployment Scenario 7: Cryptographic Upgrade andDowngrade Attacks

2007-02-23 14:24:26
from [Hallam-Baker, Phillip] [Permanent Link] 
 


[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Dave Crocker



Color me confused.  I thought we agreed long ago that 
downgrade attacks were not an issue for the problem DKIM addresses.


This was ONLY agree for DKIM-core.

The entire point of policy is to prevent downgrade attacks. That is what is 
meant by making an inference from the absence of a signature.



More basically, we are moving quickly into the morass of 
requiring SSP lookups for signed messages, rather than 
limiting SSP for use with unsigned messages.


Not at all, you only look at policy if you don't find a signature that 
sufficiently demonstrates authenticity.

If I support verification of algorithm A (and not B) then I only look up the 
policy record if I receive a message with no signature at all or a signature 
that I can't verify (e.g. B) or which fails verification.


    Hence, SSP should be used for receipt of unsigned 
messages.  Statements like "I sign everything" and "I send no 
mail" are examples.


Agreed on #1.

#2 is NOT a DKIM policy statement but it is a statement that someone might want 
to make in a policy language which gets to the point of are we talking about a 
DKIM policy language or DKIM statements within a policy language with a syntax 
that is capable of making more general statements?

I see utility in the folowing policy statements:

DKIM              - I ALWAYS sign with DKIM
DKIM=<selector>   - I ALWAYS sign with a DKIM signature where the 
                    key selector has the specified suffix
DKIM-TEST         - I MIGHT sign with DKIM, I am testing
PHISHING-TARGET   - Be advised that I consider myself a phishing target
NOMAIL            - I never ever send mail
REPORT=<Protocol> - Errors may be reported using the following protocol(s)
SPF [=domain]     - Look at the SPF record as well

In addition we might add for completeness:

SMIME             - I ALWAYS sign with S/MIME
PGP               - I ALWAYS sign with OpenPGP


As far as DKIM goes I only consider DKIM, DKIM=<selector> and possibly 
DKIM-TEST to be DKIM policies. The others are email sending policies, not DKIM 
policies.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Re: Today's jabber notes..., Stephen Farrell
Next by Date:  Re: [ietf-dkim] Deployment Scenario 7: Cryptographic Upgrade and Downgrade Attacks, Paul Hoffman
Previous by Thread:  [ietf-dkim] Deployment Scenario 7: Cryptographic Upgrade and Downgrade Attacks, Hallam-Baker, Phillip
Next by Thread:  Re: [ietf-dkim] Deployment Scenario 7: Cryptographic Upgrade andDowngrade Attacks, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]