ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Lists "BCP" draft available

2010-05-24 15:12:20
from [Douglas Otis] [Permanent Link] 
On 5/24/10 1:23 AM, Michael Deutschmann wrote:

On Sat, 22 May 2010, Dave Crocker wrote:
   

If there is a desire and need to have the semantic be "came from the
mailing list" then there needs to be a mailing list equivalent to ADSP,
which correlates a DKIM signature with the domain in a List-ID header
field.
     

That's not necessary.

The weakness of the "except-mlist" approach is not the difficulty of
authenticating that a given mail really is from the list it purports to be
from.  We have off-the-shelf technology to do that: the list manager just
needs to use a constant MAIL FROM: domain, and protect that domain with
SPF.
   

The SPF element authorized is often poorly defined,  whose resolution 
can induce a large number of transactions against any third-party 
domain.  This is especially true when attempts search for the possible 
element.  Some now use SPF to signal reverse DNS PTR records having a 
defined label, which suggests cooperation among the 40,000 IP address 
owners.  However, deployment of IPv6 will cause SPF and reverse DNS to 
become vast and difficult to manage.

See: http://tools.ietf.org/html/draft-otis-dkim-tpa-label-03

This scheme provides a LDSP type of third-party authorization where an 
"L" flag signals a required list-id (see: RFC2919).
This scheme could even be extended to produce a policy similar to 
"except-mlist" along with an ability to make exceptions.

If a BCP recommends "discardable" be discarded by mailing lists, it 
should also recommend "all" be rejected as well.  Neither "all" nor 
"discardable" produces a compliant message when the Author Domain 
signature is invalidated.  (A flag added to DKIM signatures to signal 
the presence of TPA policies.)

It requires some cooperation from the list owner, but so would "LDSP".
   

The TPA scheme does not require cooperation of list owners!


Rather, the weakness of "except-mlist" is that it requires that the MX
know which mailing lists each mailbox is legitimately subscribed to.
Without that, the badguys can pretend the victim subscribes to lists they
control.
   

The TPA scheme requires those seeking policy protections to provide the 
relationships for MX handling.   The "except-mlist" approach places the 
burden upon the MX to know which mailing lists are safe.   Unlike the 
TPA scheme, the "except-mlist" will not allow author domains a means to 
mitigate ongoing exploitation.

-Doug



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] The non-utility of except-mlist, was Lists "BCP" draft, John Levine
Next by Date:  Re: [ietf-dkim] Lists "BCP" draft available, Ian Eiloart
Previous by Thread:  Re: [ietf-dkim] The non-utility of except-mlist, was Lists "BCP" draft, John Levine
Next by Thread:  Re: [ietf-dkim] Lists "BCP" draft available --FBL, Alessandro Vesely
Indexes:  [Date] [Thread] [Top] [All Lists]