ietf-dkim

Re: [ietf-dkim] Issue #1521: Limit the application of SSP to unsigned messages

2007-12-11 10:25:52


Jim Fenton wrote:
> As others have noted, bypassing SSP based on a valid signature from any
> arbitrary domain permits a trivial attack:  attackers could sign
> messages using throw-away domains they control.


It's a shame we don't have an SSP threats analysis, so that this concern could be placed in context.

The 'threat' that you are citing is for a signed message, which means that there is a verifiable, accountable identity associated. That identity will have a reputation.

It seems that concern for the attack that you cite needs to satisfy a couple of preconditions:

1. Clear statement of what it is that application of an SSP publication MUST achieve. Otherwise, we cannot evaluate failing to achieve it through such an attack.

2. Explanation of the reason that having a verifiable, accountable identity is insufficient.

3. Consideration of the relative costs in protecting against this attack.

d/
--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
