ietf-mailsig
[Top] [All Lists]

Re: Good as the enemy of OK

2005-01-13 22:40:09

For me, John's last sentence is the most important point in all of this discussion:

 > The most that a signature can do is to identify the responsible party.
 > There's no point in adding cruft that attempts to go beyond that.

So, I ask, why are we trying to do more than find the immediately preceding responsible party?

It is a small step, but it's a good step, and there will be more steps later. The place to start is to push back, one hop at a time.

If I knew the immediately preceding responsible party for a message, I could better manage my black/white/grey list. That would be great step forward. And if each hop simply asserted (cryptographically of course) what was received from its preceding hop we would have a trace.

Something akin to received lines with a signature, or a "long hop" as it's been called before.

Jim




--On Wednesday, January 12, 2005 6:27 PM +0000 John Levine <johnl(_at_)iecc(_dot_)com> wrote:


> I do note that you're actually somewhat vulnerable to this replay even
> with signed bodies.

Yes, definitely.

> [ replay mail from legit free provider ]
> This puts the free email provider in the position of needing to revoke
> the key I'm using, but they cannot do that until the other mail signed
> with that key has had a chance to flow through the system.

If it were my ISP, I'd just cancel the account.  I'd only cancel a key
if I found that it had leaked and unknown parties were using it to
sign mail.  The signature means that the original sender and recipient
addresses are real, if someone wants to further pursue the miscreant.

The most that a signature can do is to identify the responsible party.
There's no point in adding cruft that attempts to go beyond that.

Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
http://www.taugh.com




<Prev in Thread] Current Thread [Next in Thread>