ietf-dkim

Re: [ietf-dkim] list expanders (was Re: chained signatures, was l= summary)

2009-06-30 17:06:46
Dave CROCKER wrote:


> MH Michael Hammer (5304) wrote:
> > How does a 3rd party signing a message change the intent of the author
> > of a message? One might argue that breaking the original signature does that.
> > My response would be to then avoid breaking the original signature.
> >
> > One of the arguments put forward supporting the DKIM effort was that unlike
> > SPF it is not hop dependent.


> A common source of confusion about this is the difference between an MTA Relay
> and a Mailing List Mediator.  A DKIM signature always survives relaying, whereas
> SPF registration cannot any.


Not so, David.

To make the analogy, you need to put both under the same page, same 
mail transport considerations.

First, you are presuming the MTA is a DKIM resigner.  Likewise, SPF 
also has sender MTA rewriter technology and that includes a standard 
protocol as well - RFC 4405 (SUBMITTER SMTP Service Extension).

In other words, SPF can survive a multi-hop route if each MTA supports 
RFC 4405. Likewise, DKIM can ONLY survive the multi-hop route if each 
MTA supports DKIM resigning. Both technologies require middleware MTA 
support.

So this old marketing benefit does not apply any more.

However, when it comes to a Mailing List Server (MLS), SPF does not 
suffer the problems that DKIM has with a MLS.

> The reality is that after receiving the message, the Mediator owns it and can
> legitimately do whatever it wants.  Or rather, any constraints on its actions
> depend on policies and agreements that are far outside the realm of current
> email protocol standards.


IMO, you are minimizing long time telecommunications mail engineering 
considerations, reflected by US laws (and foreign laws based on the US 
model) that help protect user intent and expectations.

Push comes to shove, the question of Mediator ownership is not as 
legitimate as you may think.  It only has been skewed with a 
renewed direction for centralization (vendor owns the resource). 
However, copyright ownership of author written content is still an 
implicit and natural legal right.  Loss of mail is still a risk a 
responsible mail enterprise cannot ignore.

I believe you are advocating a dangerous precedent which will be felt 
when USERS are finally presented with a mixed bag of GOOD VALID 
VOUCHED DKIM MAIL and the many faults left open with this DKIM 
framework - one where the AUTHOR intent has been lost from its 
original basic concept.

--
Hector santos
http://www.santronics.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
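
Added example, not part of the original message or of any DKIM implementation: a Python model of the two hash inputs a DKIM verifier recomputes (relaxed canonicalization, RFC 6376), compared after a relay that only prepends a Received field and after a list mediator that tags the Subject and appends a footer. The sample message, addresses, h= list and both handlers are constructed assumptions; the RSA signature step and the DKIM-Signature field itself are left out.

```python
import base64
import hashlib
import re

SIGNED = ["from", "to", "subject", "date"]  # constructed h= list

def relaxed_body(body: bytes) -> bytes:
    """'relaxed' body canonicalization (RFC 6376, section 3.4.4)."""
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()  # trailing empty lines are ignored
    return b"".join(ln + b"\r\n" for ln in lines)

def body_hash(body: bytes) -> str:
    """The value a verifier compares with the bh= tag (sha256)."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def header_digest(headers) -> str:
    """Digest of the signed fields in 'relaxed' form, chosen bottom-up."""
    pool, h = list(headers), hashlib.sha256()
    for want in SIGNED:
        for i in range(len(pool) - 1, -1, -1):
            if pool[i][0].lower() == want:
                name, value = pool.pop(i)
                value = re.sub(r"[ \t]+", " ", value.replace("\r\n", "")).strip(" ")
                h.update(f"{name.lower()}:{value}\r\n".encode())
                break
    return h.hexdigest()

def inputs_intact(signed_msg, seen_msg) -> dict:
    """Which of the signer's hash inputs still match at the receiver."""
    return {"headers": header_digest(signed_msg[0]) == header_digest(seen_msg[0]),
            "body": body_hash(signed_msg[1]) == body_hash(seen_msg[1])}

def relay(msg):
    """Hypothetical MTA relay: prepends a trace field, changes nothing else."""
    headers, body = msg
    return ([("Received", "from mx1.example.org by mx2.example.net")] + headers, body)

def mailing_list(msg):
    """Hypothetical mediator: tags the Subject and appends a body footer."""
    headers, body = msg
    headers = [(n, "[list] " + v if n == "Subject" else v) for n, v in headers]
    return (headers, body + b"--\r\nlist footer\r\n")

# Constructed sample message: (header fields, body)
ORIGINAL = ([("From", "author@example.org"), ("To", "list@example.net"),
             ("Subject", "l= summary"), ("Date", "Thu, 01 Jan 2009 00:00:00 +0000")],
            b"Hello list,\r\n\r\nsee below.\r\n")
```

Calling `inputs_intact(ORIGINAL, relay(ORIGINAL))` and `inputs_intact(ORIGINAL, mailing_list(ORIGINAL))` shows which inputs each kind of handling disturbs.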
