ietf-mailsig

Re: revised Proposed Charter

2005-07-24 21:19:37

On July 25, 2005 at 11:50, "James Scott" wrote:

Can we have more discussion on the sufficiency of message 
signatures by themselves to do something useful?
...
I therefore suggest that valid message signatures are by themselves useful.

All a valid message signature states is that a given set of data was
signed with a given key.  That's it.

With respect to security, it does not give you much, but it does
serve as a basis for establishing trust, but by itself, no trust
is established.  You have nothing that tells who really created the
signature with the key.

Wrt DKIM, the trust component is established via DNS.  The signature
verifier trusts that the records it retrieves from a DNS query are the
records owned by the domain being queried.  The trust solely relies
on the reliability and security of the DNS transport protocol.

For some, this may be sufficient, but for others, this is definitely
not sufficient.  Because of security risks associated with DNS (along
with some of the key management aspects of it) others, including
myself, would definitely like to see hooks in DKIM to allow for
other PKI systems, systems that provide more robust trust models.

As of now, the "q=" tag appears to be insufficient since it implies a
particular usage model that may not be adequate for some established,
or alternate, PKI systems.

Wording in the DKIM spec could be changed to make it more flexible,
without burdening it with details of alternate PKI systems.

For example, the "d=" tag can be described as:

  The identity of the signing agent.

  Within the DNS query method, this will be the domain name of the
  signing agent, which will be queried for retrieving the public
  signing key.  The domain provided MUST be the same as or a parent
  domain of the i= tag.

  (Editorial Note: A more formal name should be given for the
   "DNS query method" to clearly denote the method defined in the
   core spec versus alternate, or extended, versions that may
   be defined later.)

This description allows alternative values for d= based upon what
is specified for "q=".  BTW, I see the "q=" tag as more of a PKI
implementation identifier vs a "query method".

The same type of wording can be applied for the other tags so
artificial constraints are not imposed upon other PKI systems.
Tag value constraints should be based upon the value of q=.  The core
DKIM spec can define the DNS query method while other specs can be
created to cover alternate methods.

It should not be ruled out that alternate tags may need to be
defined to satisfy the needs for a given PKI system.  Such tags can
be defined in the document that defines the specific hooks into DKIM
for the given PKI system.  With this approach, it could be stated
that the d= tag is only required for the DNS query method, but it
would be best to generalize and reuse tags as much as possible
for different PKI systems to avoid tag pollution. 

--ewh
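The message above describes two things a verifier has to get right before any DNS lookup happens: the d= domain must be the same as, or a parent of, the domain in the i= tag, and which tags are required at all depends on the value of q=. The following is an added example, not the poster's code and not any DKIM implementation: it parses a DKIM-Signature tag list, applies those two rules, and dispatches key lookup through a small per-q= registry in which only the DNS method is defined and any other method is rejected rather than silently treated as DNS. The s= selector tag, the `<selector>._domainkey.<domain>` query name and the `dns/txt` spelling of the method come from the later DKIM RFC rather than from this post, and the sample header value is constructed.

```python
"""DKIM-Signature tag parsing with d=/i= and q=-dependent checks.

Added illustration for the mailing-list discussion; not code from the
list, the DKIM drafts, or any verifier.
"""
import re
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# tag-name "=" tag-value, with optional surrounding whitespace
TAG_RE = re.compile(r"^\s*([A-Za-z][A-Za-z0-9]*)\s*=\s*(.*?)\s*$", re.S)


def parse_tag_list(value: str) -> Dict[str, str]:
    """Split 'tag=value; tag=value' into a dict.

    Folding whitespace inside a value (e.g. a wrapped b= tag) is removed,
    duplicate tags are rejected, and an empty element after a trailing ';'
    is ignored.
    """
    tags: Dict[str, str] = {}
    for element in value.split(";"):
        if not element.strip():
            continue
        m = TAG_RE.match(element)
        if not m:
            raise ValueError(f"malformed tag element: {element!r}")
        name, val = m.group(1), re.sub(r"\s+", "", m.group(2))
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        tags[name] = val
    return tags


def domain_of_identity(i: str) -> str:
    """i= is 'local-part@domain' or '@domain'; return the domain, lower-cased."""
    if "@" not in i:
        raise ValueError("i= tag must contain '@'")
    return i.rsplit("@", 1)[1].lower().rstrip(".")


def d_is_same_or_parent(d: str, i: str) -> bool:
    """True when d= equals, or is a parent domain of, the domain in i=.

    The comparison is label-aligned: 'notexample.com' is not under
    'example.com' even though it ends with the same characters.
    """
    d = d.lower().rstrip(".")
    idom = domain_of_identity(i)
    return idom == d or idom.endswith("." + d)


def dns_key_location(tags: Dict[str, str]) -> str:
    """Core DNS method: the public key is published at s._domainkey.d.

    The selector/_domainkey layout is taken from the later DKIM RFC, not
    from the post being illustrated.
    """
    for required in ("d", "s"):
        if required not in tags:
            raise ValueError(f"{required}= is required for the DNS query method")
    return f"{tags['s']}._domainkey.{tags['d']}"


# Registry keyed by q=. Only the core DNS method is defined here; a hook for
# an alternate PKI would register its own entry with its own tag rules.
QUERY_METHODS: Dict[str, Callable[[Dict[str, str]], str]] = {
    "dns": dns_key_location,
    "dns/txt": dns_key_location,
}


@dataclass
class Check:
    ok: bool
    key_location: Optional[str]
    reason: str


def check_signature_header(value: str) -> Check:
    """Apply the q=-dependent tag constraints to one DKIM-Signature value."""
    tags = parse_tag_list(value)
    q = tags.get("q", "dns/txt")  # default query method assumed to be DNS
    if q not in QUERY_METHODS:
        return Check(False, None, f"unsupported query method {q!r}")
    if "d" not in tags:
        return Check(False, None, "d= is required for the DNS query method")
    i = tags.get("i", "@" + tags["d"])  # i= defaults to the bare d= domain
    if not d_is_same_or_parent(tags["d"], i):
        return Check(False, None,
                     f"d={tags['d']} is not the same as or a parent of i={i}")
    return Check(True, QUERY_METHODS[q](tags), "tag constraints satisfied")


# Constructed sample header value, folded across lines as a real header would be.
SAMPLE = ("v=1; a=rsa-sha256; q=dns/txt; d=example.com; s=sel2005;\r\n"
          "\ti=@mail.example.com; h=from:to:subject;\r\n"
          "\tbh=BASE64BODYHASH=; b=BASE64\r\n\t SIG=")

if __name__ == "__main__":
    print(check_signature_header(SAMPLE))
```

Because the registry is consulted before any d= or s= requirement is enforced, a signature carrying an unknown q= fails closed with "unsupported query method" instead of being looked up in DNS under rules that were written for a different PKI, which is the separation the post argues the spec wording should permit.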

