ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] "third party signing" != "mailing list problem"

2010-09-20 20:38:34
On Mon, 20 Sep 2010, Douglas Otis wrote:
It seems this is making two assumptions that are likely incorrect:

1) receiving domains know which mailing-lists their users have subscribed.

Most don't.  But such sites are also incapable of deploying TPA as a
sender.  So that's just as good an argument for the impracticality of TPA,
as for the impracticality of except-mlist.
 
2) receiving domains reliably recognize mailing-list messages.

This also hurts TPA just as much.  The only defense against forgery of
lists that can only be recognized weakly (by accepting unsigned messages
from any IP that display the correct List-Id:), is not to subscribe to
such lists.

"except-mlist" comes out slightly ahead here.  Since the subscription
whitelist is consumed where it is compiled, and thus doesn't need to be
converted into a standard "language" such as TPA, it can include ad-hoc
measures such as "fake SPF records" to limit forgery of troublesome lists.

And remember, many big sites will never compile the information needed to
display a complete TPA policy.  Without accomodation (ie: except-mlist),
"dkim=unknown" is all they can safely publish.
Disagree.  While there are many domains offering third-party email
services, this still represents a finite dataset.  In contrast, the
domains used by bad actors represent an infinite dataset.

You seem to be hinting a global whitelist of mailing lists would be
feasable -- so the domains in question could just salute one and be done
with it.

That doesn't sound practical to me.  Especially since users at such ISPs
will likely subscribe to lists that are too insecure to be put on the GW.
Insecure mailing lists in private whitelist are at least obscure, but a
global whitelist cannot tolerate a single one.

Basically, the problem is that users at such ISPs do not want protection
from forgeries *of themselves directed at others* badly enough to make
the sacrifices needed to stop that cold.  Such as dropping a non-DKIM,
non-SPF mailinglist where all their best friends hang out.

But, I want protection from forgeries *of other people directed at me*,
and the use of "dkim=unknown" or no-ADSP by those other people hampers my
ability to achieve that.  I don't need them to go whole-hog TPA, I just
need help squelching the supposedly-first-person forgeries, and I can
take care of the supposedly-via-list forgeries myself.

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html