(More from a review of the lists BCP chatter, with an eye toward a forthcoming
document update...)
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Michael Thomas
Sent: Wednesday, May 26, 2010 2:23 PM
To: Scott Kitterman
Cc: DKIM List
Subject: Re: [ietf-dkim] ADSP, was Lists "BCP" draft available
Such transient trust can't be spoofable. It needs to have properties
such that if it asserts "trust me, it was signed by PayPal when I got
it, so you can ignore their discardable flag" it can't be used by
arbitrary senders to bypass PayPal's ADSP.
I don't know of a way to do that which doesn't require a trust
relationship with the mail list provider. If you have such a
relationship then it's relatively trivial to just not bother with ADSP
checks for mail from such lists.
I'm left not knowing what advantage there would be from a more
complex standardized approach.
Right, and where I have problems is that I doubt that most admins have
any clue whatsoever
which lists their users subscribe to. Some certainly have policies
which may inform them
(= don't do it), but beyond that this sounds somewhere close to an
impossible task.
I don't think it's too far-fetched to think that one or more of the following
will eventually be true:
1) A signing domain, in this case a list provider, will develop a reputation
that it does proper DKIM validation before re-signing, and thus that its A-R
header fields can be trusted by receivers;
2) A signing domain will appear in a VBR-like service, with the voucher
attesting to the fact that the signer does DKIM properly, and thus that it's
a-R header fields can be trusted by receivers;
3) The need to have this kind of transient trust will be a sufficiently rare
case that manual exception list maintenance scales just fine.
-MSK
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html