+1 My favorite line from Mike's email is "there is value that can be leveraged in conjunction with other tools as part of an overall anti-abuse program. "
An example of how this fits into an overall strategy is captured in a white paper PayPal published in 2008: https://www.thepaypalblog.com/2008/04/a-practical-app/ (the link to the paper is in the last paragraph of that blog post) -- Brett On May 26, 2010, at 9:22 AM, MH Michael Hammer (5304) wrote: > > >> -----Original Message----- >> From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- >> boun...@mipassoc.org] On Behalf Of Steve Atkins >> Sent: Tuesday, May 25, 2010 7:03 PM >> To: DKIM List >> Subject: Re: [ietf-dkim] list vs contributor signatures, was Wrong >> Discussion >> >> >> On May 25, 2010, at 3:38 PM, Brett McDowell wrote: >> >>> On May 10, 2010, at 3:09 PM, Steve Atkins wrote: >>> >>>> On May 10, 2010, at 11:59 AM, John R. Levine wrote: >>>> >>>>>> Apart from ADSP rules, a broken signature must be treated as if > there >> was no >>>>>> signature at all. That in itself is not the problem. The problem > with >> broken >>>>>> signatures is that people will not buy into a technology (DKIM) > if it >> will >>>>>> not cover a significant part of their e-mail. >>>>> >>>>> Of course. That's why MLMs should sign their mail, or equvalently > the >> MSA >>>>> they use should sign it. Problem solved, right? >>>>> >>>>> Free bonus: MLMs can sign the list mail even if the contributor > didn't >>>>> sign it. >>>> >>>> +1. It's pretty much a non-issue (unless you believe that DKIM is >>>> magic fairy dust that will prevent all "fraudulent use of your > brand"). >>> >>> I believe we can disagree without being disagreeable. I'm sure > there is >> no one on this list (or in the world) who thinks DKIM is magic fairy > dust >> that will prevent all fraudulent use of a brand. >> >> If ADSP is not there to prevent "fraudulent use of your brand", what >> is it for? >> > > A most pithy question deserving of an answer. ADSP does not "prevent > fraudulent use of your brand". Never has and never will. What it is > intended to prevent is "fraudulent use of your domain" that may or may > not be a brand. It is a specific tool targeted at a narrow problem. > Nothing more and nothing less. It does not prevent abuse of the display > name nor does it prevent the use of cousin domains as just two examples > of the many things it does not do. It is a point solution to a point > problem. > >> While I don't think ADSP proponents actually believe it is magical > brand >> protection fairy dust, that is the operational model we're using when >> we're >> discussing the usage of ADSP. >> > > Have to disagree with you here Steve. It's not magical and as I pointed > out above, it is not strictly speaking "brand protection". > >> ADSP does not, and can not, provide significant operational value >> in dealing with phishing, which is the only concrete example >> anyone has brought forward. So we're left with "brand protection", >> which is still plausible because it's so vague. >> > > The only reason that ADSP does not provide significant operational > benefits is that for the sake of compromise it was crippled at birth. > Speaking based on the experience of DKIM signing all mail for some > heavily abused domains since 2007, there is value that can be leveraged > in conjunction with other tools as part of an overall anti-abuse > program. > >> (If it were described as "Brand protection as applied to the section > of >> the byte sequence in the From: field that isn't the part usually > displayed >> to the end user" that would be less vague, but more obviously > useless). >> > > There is a very simple solution I have suggested in the past that can > and will likely be implemented once email authentication reaches a > critical mass. That is for MUAs to set the default implementation to NOT > display the display name if the mail is unauthenticated. > > I would hope that the long term goal is to reduce the attack surface > available to abusers. >> >> >>> I would like to think we are all on this list making a good faith > effort >> to explore and debate the right way to deal with the status quo, > including >> the option of sustaining it. I personally don't agree with the > position >> that the status quo should be sustained, but I respect both that > position >> and those who articulate it. >> >> >> Yes, this summary may be blunt and possibly even disagreeable, but >> there comes a point when developing something that's going to affect >> many, many people that you have to mention the elephant in the room - >> which is that while lots of people involved have invested quite a bit > of >> effort >> and professional credibility in putting it together there's still no >> definition >> of what problem it's supposed to solve, and the end result appears to >> be pretty much useless for any concrete phishing or brand protection >> scenario. >> > > As I commented above, the only reason that ADSP as written appears to be > of little potential value is that it was intentionally made so. Consider > that one of the authors has pretty much always argued against its > usefulness and value. > > The ability to make assertions about a sending domains mail streams has > a proven track record in private peering arrangements between some > (large/well known) senders and receivers. There is clear potential value > to enabling an open and automated way of expressing these assertions > such that both sides of the equation (sending domain and receiving > domain) are able to scale. That we have failed to do so with the current > incarnation of ADSP does not change this. > > Mike > > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
