ietf-mailsig
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Most recent sender.

2005-01-17 18:13:44
from [william(at)elan.net] [Permanent Link] 


On Fri, 14 Jan 2005, David Woodhouse wrote:


Can anyone see a better way of reliably determining which is the 'most
recent sender'? One option would be for the signing party to _remove_
the Sender: header if signing a Resent-Sender: address. I'm not sure I
like that much though. Better options?


Microsoft appears to have an idea that they are pushing on us with all
their marketing might ... Unfortunetly, I believe they are wrong!

To answer your question in the way email is currently use you can not
be certain because:
 1. Sender headers could be added by mail list for Resent- message
    and you would not be able to tell which one was first
 2. Headers sometimes get rearranged, even Resent-* headers

To get this all fixed all mail servers would have to:
 1. Never rearrange headers
 2. Reliably identify mail list processing and the order in which it happened
    (my Redirected header can be used for that)
 3. Reliably identify mail user resending
    (I'd prefer we stop using Resent- headers all together)

To me these and other similar issues doom the idea of tying MASS signature
to some specific header like "Sender:", the best we could try to do is to 
link signature to initial message sender (this applies only to the very 
first signature in the email). But the way I see it, is that Sender header 
that might be changed by subsequent MTAs are not appropriate for it and 
the only header we can rely on is "From:". 

Besides that if we consider that initial Sender is working with permission
of and on behalf of actual message author (From:), then such person/entity
should be able to show this "permission" by means of cryptography, i.e. he 
should have access to public key create by message author. At the same 
time this approach while reasonable for signature added by Submitter, may
not be reasonable for us when signatures are added automaticlly by MTA,
because MTAs usually act on behalf of Submitter by may not have direct
relationship with message author. What a mess :)

I think best approach is probably to consider MASS signature and email
address (or domain) as having to stand on its own. And as for being able
to have policies by senders that all their email messages are signed, I'm 
inclined that this should mean that message should have at least one
signature for given domain (it could have been added by MTA or could be
added directly by Submitter) and that is what would be authenticated against.

-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Good as the enemy of OK, Sam Hartman
Next by Date:  Re: Good as the enemy of OK, william(at)elan.net
Previous by Thread:  Re: Most recent sender., Jim Fenton
Next by Thread:  Re: Most recent sender., David Woodhouse
Indexes:  [Date] [Thread] [Top] [All Lists]