On 4/27/10 12:24 PM, Murray S. Kucherawy wrote:
> From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
> bounces(_at_)mipassoc(_dot_)org] On Behalf Of Douglas Otis
>> While messages with intact DKIM signatures of financial
>> institutions offer reasonable protection, acceptance of broken
>> signatures validated by some third-party's authentication-results
>> header would impose significant risk. Any mailing list that does
>> remove authentication-results headers would provide easy exploits
>> of X.
> True, if you ignore the main point that got this started: Z trusts Y
> to do authentication properly and make correct assertions via
> Authentication-Results.

Is it reasonable to expect providers to establish detailed breakdowns of
mailing list behaviors?

For X to be safe, Z will need to know which mailing lists:
A) remove confusing authentication-results headers
B) apply accurate authentication-results headers
C) annotate messages so the source is not confusing
D) exclude confusing or unvetted ads

Acceptance of mailing lists is currently based upon the general
reputation of the outbound server. None of this includes any A-D
consideration. Until exceptions can be guided by the interested
domains, without complex and unscalable administrative interaction,
ADSP is unlikely to play a meaningful role. Rather than all recipients
making detailed audits of mailing-list behavior, a third-party
authorization scheme only requires interested domains, such as financial
institutions, to audit and list the third-party service employed.

> The "trust" here has been established out-of-band. In essence, then,
> Z treats what Y is saying as always true because of some audit that
> was done on the work done at Y.

I didn't suggest this should be generally true.

Z, the email provider, is not as motivated to audit Y, the mailing list,
as X, the financial institution with customers that might be defrauded.
In addition, X also knows exactly which mailing lists to audit. Z, on
the other hand, would need to audit all mailing lists. If you want
something done...
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html