After yesterday's massive agreement, today I'll expand some of my
statements with examples, and expose some limits.
Statement 1
With DKIM, The Signer Domain says "I signed this mail". It does
not approve content, or state that content is benign. The receiver
decides whether to give this signature preferred treatment. There
is little or no controversy about this aspect of DKIM.
Having the bank's Signer Domain in my local address book, I can
distinguish between mail that has The Bank's signature (known to
be good) and mail that does not. When I get mail from a criminal
bank with a name and logo similar to that of my bank, the criminal
Signer Domain won't match any bank that I know I have a business
relationship with, and I can treat it accordingly.
Although I wrote that signers make no statement on content, there
are valid reasons why a signer might want to do so. For example,
an email security service provider might want to say "I signed this
mail" and thus offer assurance that mail is free from malware. Of
course they would leave any pre-existing signatures intact.
Statement 2
With SSP, The Sender Domain says "I send such and such mail", and
whether any of it is signed or not. This is primarily relevant for
mail without valid signature by The Sender Domain. There is little
or no controversy about this aspect of SSP.
Some position SSP as a tool against phishing. For example, SSP can
make statements about mail that claims it is sent in The Sender
Domain's name, urging receivers not to open any letters that lack
a valid signature by The Sender Domain.
Unfortunately, this protection is effective only under the assumption
that the bad guys are stupid; namely that they will try to send
mail in the name of my bank without a valid signature by my bank.
But criminals don't necessarily play by the rules.
Specifically, SSP statements by my bank won't protect ME against
mail from a Criminal bank with a name and logo similar to that of
my bank. The Criminal bank will make it 100% SSP compliant and will
specify the strictest policy settings. Just like the real bank,
the Criminal's SSP will say "Trust me. I am a high-value target".
+------------------------------------------------------------------+
|Why would I believe the SSP from my bank, and not the SSP from the|
|criminal bank? Based on SSP alone, both have equal credibility. |
+------------------------------------------------------------------+
As discussed under "statement 1", mail from the criminal is easily
exposed with a simple query against my local address book. The
criminal Signer Domain won't match any banks that I know I have a
business relationship with. I don't even have to go to an external
reputation service for that.
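To make the two statements concrete, the following is an added example
(my illustration, not code from Wietse's post or from any DKIM/SSP
implementation). It models both checks side by side: the SSP verdict of
statement 2, which only speaks about mail lacking a valid signature by
the Sender Domain, and the local address-book lookup of statement 1,
keyed by the DKIM Signer Domain. The domain names, the address-book
entries and the "all" policy shorthand are constructed assumptions; the
third sample message is the fully SSP-compliant look-alike domain the
post describes.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample data (assumption, not from the post): the receiver's
# local address book, keyed by the DKIM Signer Domain (the d= tag of a
# signature that verified) of businesses the receiver knows it deals with.
KNOWN_SIGNERS = {
    "bank.example": "My Bank",
}

# Constructed SSP-style policies as the Sender Domains would publish them.
# "all" is shorthand here for "all mail in my name carries my signature;
# treat mail without it as suspect". The look-alike domain publishes the
# same strict policy, which SSP alone cannot tell apart from the real one.
SSP_POLICY = {
    "bank.example": "all",
    "bank-secure.example": "all",
}


@dataclass
class Message:
    from_domain: str              # domain of the From: address
    dkim_signer: Optional[str]    # d= of a signature that verified, or None


def ssp_verdict(msg: Message) -> str:
    """What SSP alone can conclude about a message (statement 2).

    SSP only speaks about mail that lacks a valid signature by the Sender
    Domain; a message carrying such a signature gets no further scrutiny.
    """
    if msg.dkim_signer == msg.from_domain:
        return "pass"             # valid signature by the Sender Domain
    policy = SSP_POLICY.get(msg.from_domain)
    if policy == "all":
        return "suspect"          # Sender Domain says it signs everything
    return "no-policy"


def address_book_verdict(msg: Message) -> str:
    """Statement 1: does the Signer Domain match a known business?"""
    if msg.dkim_signer is None:
        return "unsigned"
    name = KNOWN_SIGNERS.get(msg.dkim_signer)
    return f"known:{name}" if name else "unknown-signer"


def evaluate(messages: List[Message]) -> List[Tuple[str, str]]:
    """Run both checks over a batch; returns (ssp, address-book) per message."""
    return [(ssp_verdict(m), address_book_verdict(m)) for m in messages]


# Constructed sample messages.
SAMPLES = [
    # 1. genuine mail from the bank, signed by the bank
    Message("bank.example", "bank.example"),
    # 2. the "stupid" criminal: uses the bank's name, has no bank signature
    Message("bank.example", None),
    # 3. the SSP-compliant criminal: look-alike domain, its own valid
    #    signature, strictest policy published
    Message("bank-secure.example", "bank-secure.example"),
]

if __name__ == "__main__":
    for msg, (ssp, book) in zip(SAMPLES, evaluate(SAMPLES)):
        print(f"From {msg.from_domain:22} signer={str(msg.dkim_signer):22} "
              f"SSP={ssp:9} address-book={book}")
```

Only the second message is caught by SSP; the third passes SSP cleanly
and is exposed solely because its Signer Domain is not in the address
book, which is the paradox the post describes.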
Conclusion
We have a paradox where DKIM-BASE does not promise protection
against phishing attacks, but it's near trivial to use for that
purpose with a local address book; while SSP protection against
phishing can be sidestepped near trivially because it is grounded
in statements by a Sender Domain whose trustworthiness is unproven.
In other words, SSP needs an external service to attest that the
Sender Domain's self-declared SSP does indeed represent a bona fide
business. Supposedly, criminals won't be able to purchase such
attestation. This is the dirty secret behind SSP.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html