
Re: dmarc damage, was gmail users read on... [bozo subtopic]

2014-09-14 10:08:14

On Sep 12, 2014, at 2:21 PM, Doug Barton <dougb(_at_)dougbarton(_dot_)us> wrote:

> On 9/12/14 10:27 AM, Dave Crocker wrote:
>> What tends to be missed, throughout all of the discussions about dealing
>> with the effect on intermediaries such as mailing lists, is that most or
>> all of the mechanisms being discussed for intermediaries will work
>> equally well for bad actors...

> Dave,
>
> First, I don't think that point has been missed, as it's been repeated so
> often. :)

+1 since SSP, since ADSP, since the threat analysis RFC, since the functional requirements RFC.


> Second, if you change the From: to be @<mailing list domain> the message is
> still protected if the mailing list domain uses SPF, DKIM, or better yet,
> both; AND the receiving system verifies them.

Exactly, the problem has been the push by the list folks to avoid this effort. The push by the key cogs was to look up the 3rd party trusted signer, if any and valid, and ignore anything else otherwise, hence all sorts of loopholes.


> Or, put differently, faking Bad.Actor@<valid domain> is one of the scenarios
> that SPF/DKIM/DMARC are specifically designed to address.

Yet the IETF effort is to make DKIM a STD, yet there is a push for methods that break it. I don't get the lack of, or poor, integration effort.

> It's not clear how creating a solution which will allow mailing list traffic
> to flow will weaken that.

Integrated systems have a better scope and feel. All the parts have to be part of the picture. So yes, it is a complex and expensive endeavor. It took a long time to finally get all the mail parts lined up. But we had nine years to get ready for this framework. We are talking mostly about policy driven mail expectations for the good, the bad and the ugly. And we have not yet come to terms that policy lookups are required by all entry points. The list people have pushed aside the need to do author domain policy lookups, and they don't need to do it as long as the list mail system frontend is doing it.

--
Hector Santos
http://www.santronics.com
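Doug's point that a From: rewritten to the list's own domain stays protected as long as the list domain's SPF/DKIM verify and align is illustrated below. This is an added example, not code from this thread or any list software: a simplified DMARC identifier-alignment check (the organizational domain is approximated by the last two labels rather than the Public Suffix List) and the From: rewrite a list would perform, run on constructed sample addresses at author.example and lists.example.

```python
from email.message import EmailMessage
from email.utils import formataddr, parseaddr

def org_domain(domain: str) -> str:
    # Assumption: organizational domain = last two labels; real DMARC
    # evaluators consult the Public Suffix List instead.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain: str, auth_domain: str, mode: str = "r") -> bool:
    """DMARC identifier alignment: strict ('s') needs an exact match,
    relaxed ('r') only the same organizational domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_pass(from_domain, dkim_pass_domains, spf_pass_domain, mode="r"):
    """Pass if any DKIM-verified d= domain OR the SPF-verified MAIL FROM
    domain aligns with the RFC5322.From domain."""
    dkim_ok = any(aligned(from_domain, d, mode) for d in dkim_pass_domains)
    spf_ok = spf_pass_domain is not None and aligned(from_domain, spf_pass_domain, mode)
    return dkim_ok or spf_ok

def from_domain(msg: EmailMessage) -> str:
    return parseaddr(msg["From"])[1].rsplit("@", 1)[1]

def rewrite_from(msg: EmailMessage, list_local: str, list_domain: str) -> EmailMessage:
    """List-side From: rewrite: the author's address moves to Reply-To and
    X-Original-From, and From: becomes an address in the list's own domain."""
    name, addr = parseaddr(msg["From"])
    msg["X-Original-From"] = str(msg["From"])
    if "Reply-To" not in msg:
        msg["Reply-To"] = addr
    del msg["From"]  # EmailMessage allows only one From: header
    msg["From"] = formataddr((f"{name or addr} via {list_local}", f"{list_local}@{list_domain}"))
    return msg

def demo() -> tuple:
    """Constructed sample: alice@author.example posts to ietf@lists.example.
    The list's footer broke the author's DKIM signature, so only the list's
    own DKIM (d=lists.example) and SPF (MAIL FROM lists.example) verify."""
    msg = EmailMessage()
    msg["From"] = "Alice <alice@author.example>"
    msg["To"] = "ietf@lists.example"
    msg["Subject"] = "dmarc damage"
    msg.set_content("hello")
    before = dmarc_pass(from_domain(msg), ["lists.example"], "lists.example")
    rewrite_from(msg, "ietf", "lists.example")
    after = dmarc_pass(from_domain(msg), ["lists.example"], "lists.example")
    return before, after  # (False, True)
```

Before the rewrite the author's domain has no aligned authenticated identifier, so a p=reject policy at author.example would discard the list copy; after it, the list domain's own SPF/DKIM carry the message, which is exactly why the receiving side must then verify them.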

