Re: [ietf-dkim] The (really) latest SSP draft
2007-10-22 04:19:32
On Fri, 19 Oct 2007 20:07:30 +0100, Douglas Otis <dotis(_at_)mail-abuse(_dot_)org>
wrote:
On Oct 19, 2007, at 8:46 AM, Jim Fenton wrote:
4871 indeed uses a broad notion of "responsibility". However, in the
case where the signing address is the same* as some other header field,
such as 2822.From, I don't see how a signer can be responsible for a
message that uses its own address without an implied claim that the
address is correct.
* "same" meaning that the i= address is either identical, or that
the i= address has the same domain if i= has no specified local part.
It would be a bit more accurate to use the term "signing domain", rather
than "signing address". An address (the i= parameter) is optional,
after all.
The optional i= parameter represents the identity of the user or agent
(e.g., a mailing list manager) on whose behalf the message was signed.
The base specification makes no statement that this optional parameter
SHOULD NOT be applied when the user or agent identity has not been
validated. (See the informative note about whether the i= parameter can
be trusted.) Without a stipulation that the i= parameter MUST BE
validated, and exactly which validation mechanisms must be used within
the base specification, it would be a significant change to assume
inclusion of the i= parameter thereby confers responsibility to validate
identities onto signing domains. There are also cases where the i=
parameter can not be applied, such as when the signing domain is within
a sub-domain of the identity, or when the identity is within another
domain. Would you envision the blocking of messages which did not
include the i= parameter containing the local-part?
I think these questions are best addressed by examining scenarios where a
signed message somehow does NOT originate from its purported From: (or
Sender:), and whether the signer OUGHT (whatever that means) to have taken
more care.
So, for an extreme example, suppose example.com is running an open relay
and happily signs everything that passes through. So any scammer who wants
to pretend to be From: someone(_at_)example(_dot_)com simply submits his message to
that open relay, and it comes out signed. I think we would all agree that
example.com is being grossly irresponsible in that situation, whether he
has technically breached 4871 or not. And if 4871 does allow that
behaviour, then it is surely too weak, since the minimum that a signature
should imply is that this message did indeed originate within our domain.
But, to go further, if the signer goes to the trouble of including an "i="
(which he is not obliged to do), then surely recipients are entitled to
assume he did so for some good reason. So if he said
i=subdomain.example.com, then surely the From/Sender can be expected to be
from that subdomain; and if he said i=someone(_at_)example(_dot_)com, then surely
recipients can assume that 'someone' had indeed played some part in
sending it.
Otherwise, what is the point of signatures?
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
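
The "same" comparison discussed in the message above (i= identical to the From: address, or only the domain matching when i= has no local part), written out as an added example; it is not part of the original post or of any DKIM implementation. The function names and sample signatures are constructed for illustration. It assumes the signature has already been verified cryptographically and that the i= local part is not quoted-printable encoded.

```python
import re

def parse_tags(sig_value):
    """Split a DKIM-Signature header value into a tag -> value dict."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", value)  # drop folding whitespace
    return tags

def signing_identity(tags):
    """Return (local_part, domain) for i=, which defaults to "@" + d= (RFC 4871)."""
    d = tags["d"].lower()
    local, _, domain = tags.get("i", "@" + d).rpartition("@")
    domain = domain.lower()
    # RFC 4871 requires the i= domain to be d= itself or a subdomain of d=.
    if domain != d and not domain.endswith("." + d):
        raise ValueError("i= domain %r is outside d=%s" % (domain, d))
    return local, domain

def classify(sig_value, from_addr):
    """Relate the signing identity to a From: address (addr-spec only)."""
    local, domain = signing_identity(parse_tags(sig_value))
    from_local, _, from_domain = from_addr.rpartition("@")
    if from_domain.lower() != domain:
        return "different-domain"
    if not local:
        return "same-domain"  # i= carries no local part, so only the domain is compared
    return "same-address" if local == from_local else "different-local-part"

# Constructed sample signatures; the bh= and b= values are placeholders.
BASE = "v=1; a=rsa-sha256; s=sel; h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER; "
SIG_DOMAIN_ONLY = BASE + "d=example.com"
SIG_USER = BASE + "d=example.com; i=someone@example.com"
SIG_SUBDOMAIN = BASE + "d=example.com; i=@subdomain.example.com"

if __name__ == "__main__":
    for sig, sender in [(SIG_DOMAIN_ONLY, "someone@example.com"),
                        (SIG_USER, "someone@example.com"),
                        (SIG_USER, "other@example.com"),
                        (SIG_SUBDOMAIN, "someone@example.com")]:
        print(sender, "->", classify(sig, sender))
```

A "same-domain" result says nothing about the local part, which is the case the thread is arguing over: whether a domain-only signature implies any claim about the individual author.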