ietf-mailsig
[Top] [All Lists]

Re: draft-delany-domainkeys-base-02.txt

2005-03-29 18:54:24

On Tue, 2005-03-29 at 17:18 -0800, Dave Crocker wrote:
 Is it prudent for domainkeys to attempt making assurances for the local-
 part of the mailbox address?  Not accommodating this local-part assurance
 (via individual keys), would acknowledge domainkey's relative weakness in
 terms of its ability to scale in this manner.

this is a transit validation mechanism, not a full-fledged legal signature 
mechanism.

the nature of the 'assurances' being offered are intentionally minimal.  the 
purpose of the finer-grained keys has more to do with management than it does 
with making strong assurances about the purported author.

I understand the intent.  To permit bulk mail sent on behalf of
example.com, they setup a key such as 'g=sales' for some third-party to
use as sales(_at_)example(_dot_)com(_dot_)  The unintended consequence is that 
also
provides a greater assurance of the local-part than normal.  This may
encourage use of per-user keys to obtain this 'assurance.'

An alternative would be to isolate such mail into a sub-domain, as
example sales(_at_)third-party(_dot_)example(_dot_)com(_dot_)  Perhaps there 
would be an
explicit indication that the local-part for this domain is not
'assured' (as a type of second class mail).  For the local-part to be
assured, it would then be sent through their servers where keys have an
explicit means to indicate such an assurance.  The explicit key
assertion, such as 'l=y' within the key, would then not require nor
encourage per-user keys.

-Doug


<Prev in Thread] Current Thread [Next in Thread>