ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs

2010-09-24 22:49:44
from [Michael Deutschmann] [Permanent Link] 
On 24 Sep 2010, John R. Levine wrote:

Since RFC 5617 says that discardable domains should not send mail to
lists, nobody who can read should be affected by that.


But that means DKIM/ADSP gets deployed so rarely at the sender side, that
it could just as well not exist.  And that still leaves the problem of
dkim=all.


Hmmn.  I'm not sure what you're talking about here, but since neither DKIM
nor ADSP say anything about "relevant" signatures, it can't be either of
them.


I meant "relevant to ADSP" -- that is, specifying a key in the domain of
the From: address.  Everything else is irrelevant to ADSP, although it is
explictly defined that such signatures are just ignored since they may
have meaning to other protocols layered on DKIM.

We can't just modify ADSP to allow all messages where *either* From: or
List-Id: have a matching signature, since that allows anyone to bypass
the intent of ADSP by creating a rogue list.

Combined with a whitelist of List-Id:s to accept in lieu of a valid From:
signature, "LDSP" would be quite secure.  But the whitelist is pretty
good on it's own.


An armor analogy:

 Whitelist of mailing lists to which one has actually subscribed
   = Chest Plate

 A hypothetical revised ADSP with "all" clarified and an "except-mlist"
   option.
   = Leggings and codpiece

 A hypothetical "LDSP"
   = Gauntlets and helmet

 ADSP as it stands
   = A magic impenetrable sleeping bag

 TPA
   = a full suit of cloth armour

You need the plate to protect against evil opt-out "mailinglists".  You
need the leggings to protect against ordinary forgeries.  And you in
theory need the gauntlets to stop forgeries of mailinglists you do trust
-- but in practice that attack is rare.

TPA gives good coverage, but most attacks -- those that pretend to be
from ultimate senders who didn't have the inclination to deploy the
thing, will go straight through.

The bag is guaranteed to keep you alive, but you'd be a fool to use it in
battle.

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, John R. Levine
Next by Date:  [ietf-dkim] Another reality check, John R. Levine
Previous by Thread:  Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, John R. Levine
Next by Thread:  Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Michael Deutschmann
Indexes:  [Date] [Thread] [Top] [All Lists]