Steve Atkins wrote:
Mechanisms like OpenPGP and S/MIME essentially validate the
authenticity of content. DKIM does not. For example, a DKIM
signature does not contain the semantics that claim that the From
field is correct, nevermind that it does not distinguish between
"brands" such as are often implied by the display string in the From
field, versus the email address in it.
DKIM is a mix of the two (as are pgp and s/mime).
I believe that a basic DKIM signature is not. I believe the semantics of a
signature are stated rather plainly in the -base specification.
Opening line of the -base Introduction:
"DomainKeys Identified Mail (DKIM) defines a mechanism... permitting a
signing domain to claim responsibility for the introduction of a message into
the mail stream."
(One might quibble about the "introduction" reference, since signing can be
done by any handler along the way, but that's a subtlety not at issue for this
discussion.)
It's setup to not only say "this message came from THIS recipient", but
also "THIS message came from this recipient".
Depends on what one means by "from" since a DKIM signature is not required to
relate to the rfc2822.From string.
Also do not at all understand the second half of your sentence. Came from
this *recipient*???
Rather, DKIM's task is to allow an organization to say this it has
some responsibility for the message; that is, come to them if there is
a problem.
That, to me, is it's *intended* use, sure, but there's no denying that a
validly signed DKIM message asserts that the content has not been
tampered with since it was signed (within some fairly well-defined
limitations).
Yes, it carries semantics about in-transit modification. But it says nothing
about correctness prior to signing.
PGP, S/MIME and DKIM all make the same basic statement: "*this* sender
sent you *this* message and it's not been tampered with since they
signed it". Intended usage may be different, but the basic function is
the same.
Mumble. My impression is that the semantics of these other signatures is
taken to be considerable stronger.
In looking at the range of features that have been added to SSP, I
keep thinking that this distinction is not clear. It seems to me that
there is tendency to want to build "the content is valid" mechanisms
into SSP.
That's an entirely different question to the one you started with. PGP
and S/MIME make no assertions about unsigned messages, and nor does DKIM.
SSP is primarily about making negative assertions about mail with a
particular from address that is not dkim signed.
That is only one of SSP's features.
> Given it makes negative
assertions I don't see how it can really be used as part of a "the
content is valid" mechanism other than by discriminating between "I
assert the content is invalid" and "I make no assertion about the content".
Discussions about SSP seem to conflate From field domain name correlations
with "brand" representation authenticity in the message. That type of issue
is what prompted my sending my note.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html