Frank Ellermann wrote:
Jim Fenton wrote:
As others have noted, bypassing SSP based on a valid signature
from any arbitrary domain permits a trivial attack: attackers
could sign messages using throw-away domains they control.
Yes, valid DKIM signatures from unknown third parties are rather
pointlesss, and using SSP in such cases to determine the opinion
of the PRA (nobody else's opinion is relevant) is a *good thing*.
BUT a valid DKIM signature from a known + trustworthy 3rd party
can be already good enough (JohnL's NY Times example) to ignore
the opinion of the PRA (e.g. skip the SSP check if not yet done),
that's an obvious case of "receiver policy".
And it's not some "out of scope" reputation scheme, it's a mere
white list, any receiver can do this, they don't need an RFC for
this task.
I fail to understand why these two simple scenarios are seen as
contradictions or even SSP-showstoppers here, they're both fine.
Is anybody actually saying that? I haven't seen it. I've seen
a fair amount of confusion that somebody, somewhere might have
said that, but as far as I can tell nobody has said that you
must put any reputation or any other checks before or after
SSP. Whether a receiver decides to run SSP at all is its
decision.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html