
Re: [ietf-dkim] [dkim] #11: 2.5 SDID minor nit

2011-04-16 00:15:45
Murray S. Kucherawy wrote:

> I think it's redundant to refer to a signed message, since that's what the
> entire document is defining; if the message isn't signed, the document
> doesn’t apply in the first place.
>
> So the question to me is more like: Is an intermediary adding a signature
> generating a new message?
>
> If the answer is "yes", then no change is required.
>
> If the answer is "no", then it seems to me the simplest path is to change
> "identity claiming responsibility for introduction of a message into the mail
> stream" to "identity claiming some responsibility for a message in the mail
> stream".

Good question.

I believe it depends on the intermediary type and what constitutes a 
new message. IMO, the mere act of stamping a message with a 
DKIM-signature is not a new message. An altered message at the header 
level, but still the same message.

Maybe another way to consider this is if it's reasonable to suggest 
there are three theoretical levels of DKIM responsibility?

     Creator
     Signer
     Sender

My OP was raising the point the sender is a passive transport process, 
blind of the payload content or DKIM signature information.

On the other hand, we have the viewpoint of the receiver and the 
sender is generally viewed as the initial responsible source for sending 
the mail and yet from an MUA (user) it may be the FROM: as a responsible 
party.

So we have a Z-Order responsibility chain of technologies:

    SPF    targets responsible senders
    DKIM   targets responsible signers
    MUA    targets responsible creators

I guess when UIs begin to show signer info, the DKIM trust theory (and 
hope) is the user beginning to shift to viewing the trusted signer as 
the responsible party for the message and perhaps beginning to turn a 
blind eye on the creator - the Cat's Meow for Direct Marketers.

Personally, I think it's safer to view the SDID as the responsible 
identity for stamping a statement of authenticity and trust. 
Responsibility is really in the eyes of the beholder - receiver, DKIM 
verifier and user.

So maybe the text could be reduced to:

     A single domain name that is the mandatory payload output of DKIM and
     that refers to the identity claiming responsibility for signing the
     message.

This would allow DKIM-BASE to remove itself from the subtle 
differences in responsible party claims.

-- 
HLS


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
