ietf-mailsig

Single signature and two level verification cascade

2004-12-04 13:17:35

On Sat, 2004-12-04 at 10:16, Dave Crocker wrote:
> On Tue, 30 Nov 2004 09:45:19 -0800, Douglas Otis wrote:
>
> > Requiring those that make changes to re-sign the message does ensure this
> > process identifies those accountable. A header could be included to
> > allow signature validation to be cascaded.
>
> Checking to see whether I understand your point:
>
>  A message may have at most one mass signature in effect at any one time.
>  However there may be multiple headers documenting validation of the
>  signature, such as by a receive-side border MTA and by the MDA.

As mail is received by the MDA, an mda-verification header is generated,
but this header is not allowed to exist within a message passed through
the Internet.  This header is not included within the message's
signature, so this Internet exclusion is intended to protect the
header's integrity on the basis that the MDA is trusted and the sole
source for this header seen by the MUA.  This affords the MUA the MDA's
perspective.

This scheme would normally result in a single verification header.  For
mail forwarded, the source of the initial verification should be
documented, and this involves a verification header that is intended to
be passed through the Internet and included within the re-signing.
(Swapping a header name should be all that is needed.)  The MSA would
simply rename the existing mda-verification header as a
pass-through-verification header. (This process should over-write an
existing pass-through-verification header.)  Without over-writing, it
could become a mess.

This approach should work well for a majority of situations where a
message is modified and reissued, for example within a list server.  This
pass-through-verification header documents the accountable element of
the verification used when the message was accepted into the mail
channel.  If there is a problem, having this information would be useful
for resolution.

I see at least three independent documents:

1) channel signature
2) verification headers (should encompass all MDA level validations)
3) message state (diagnostic tool for the channel signatures)

-Doug
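
The header handling proposed in this message, sketched as an added example that is not part of the original post or of any mailsig draft: the MDA emits the sole mda-verification header the MUA sees, and an MSA re-issuing the message renames it to pass-through-verification, over-writing any existing one. The function names, header value syntax and sample message are constructed; stripping inbound copies at the MDA, and leaving an existing pass-through header alone when there is nothing to rename, are assumptions about details the post does not spell out.

```python
from email import message_from_string

MDA_HDR = "MDA-Verification"            # header name taken from the post
PASS_HDR = "Pass-Through-Verification"  # header name taken from the post

# Constructed sample: a message arriving from the Internet that already
# carries both headers, neither of which the receiving MDA produced.
RAW = (
    "From: alice@example.org\n"
    "To: list@example.net\n"
    "MDA-Verification: pass; verifier=untrusted.example\n"
    "Pass-Through-Verification: pass; verifier=old-hop.example\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

def mda_deliver(msg, result):
    """Receiving MDA: discard any mda-verification header that came in over
    the Internet, then record this MDA's own result (assumed value syntax)."""
    del msg[MDA_HDR]          # removes every occurrence, no error if absent
    msg[MDA_HDR] = result
    return msg

def msa_forward(msg):
    """MSA re-issuing the message (e.g. a list server), before re-signing:
    rename mda-verification to pass-through-verification, over-writing any
    pass-through header already present so only one survives."""
    value = msg[MDA_HDR]      # None when the header is absent
    del msg[MDA_HDR]          # never let the local-only header leave the site
    if value is not None:
        del msg[PASS_HDR]     # over-write rather than accumulate
        msg[PASS_HDR] = value
    return msg

def demo():
    """Run the sample through delivery and forwarding; return the
    (mda-verification, pass-through-verification) header lists after each."""
    msg = message_from_string(RAW)
    mda_deliver(msg, "pass; verifier=mda.example.net")
    delivered = (msg.get_all(MDA_HDR, []), msg.get_all(PASS_HDR, []))
    msa_forward(msg)
    forwarded = (msg.get_all(MDA_HDR, []), msg.get_all(PASS_HDR, []))
    return delivered, forwarded

if __name__ == "__main__":
    print(demo())
```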

