On Feb 11, 2009, at 9:01 AM, Jim Fenton wrote:
If the value is really intended to be opaque, the verifier shouldn't
even group together like pseudo-subdomains for reputation purposes,
in the absence of out-of-band information describing what the signer
does.
Jim,
When mitigating replay abuse, a reputation service will likely need to
assign negative reputations against i= values (opaque or otherwise) to
deal with problematic domains. Without the i= value, the alternative
might be to block domains, which is not likely a good solution for
either the sender or recipient. When a domain decides to use random
local-parts and fictitious domains within the i= value that bad actors
can access, it may become impractical for an abuse service to track
all the i= values associated with abuse. In addition, use of an
i=transactional.example.com may prove problematic when a bad actor
decides to flood mail-boxes with one of these messages. This may have
been done to ensnare users with a variety of exploits that might range
from DNS poisoning to hacked web sites, or might be aimed at causing a
DoS. Disruptions could be limited by encoding the i= value with
something like i=123456789(_at_)transactional(_dot_)example(_dot_)com where the
local-
part relates to specific transactions or is randomly generated.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html