On May 26, 2011, at 3:24 PM, Murray S. Kucherawy wrote: >> -----Original Message----- >> From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] >> On Behalf Of Steve Atkins >> Sent: Thursday, May 26, 2011 3:20 PM >> To: DKIM List >> Subject: Re: [ietf-dkim] MLMs and signatures again >> >> That's relying on an awful lot of vaporware in the MUA, orthogonal to >> any sort of authentication. I don't think any MUAs really track sender >> reputation in any way[1]. > > It's not vapourware in general. Such feedback systems exist, and could > easily be tied to DKIM domains.
I don't think they exist at the MUA level, keyed on senders. I'd be interested to hear about them if they do. (There are bunches of end-user visible reputation systems that have UI in the MUA, of course, but they don't track reputation on a per-end-user basis, rather they feed end-user perception into a shared reputation system). > >> Well, d= won't identify the original sender at all, in the case of >> individuals sending to a mailing list. It'll identify the domain of >> their ISP, nothing more. > > Well, right. You'd be basing decisions on validated DKIM "d=" values. Which isn't good enough to differentiate between c...@aol.com and hec...@aol.com. If Hector starts forging his From: address to pretend to be Cleo, DKIM doesn't help me at all. If he doesn't then I'm probably fine just keying on Cleo's From: field. > >> Tunneling DKIM signatures through MLMs doesn't seem to be the missing >> bit of technology needed to do this. >> >> If the MLM signs any email it sends then you have some level of trust >> in any information it annotates the mail with. > > Yes, and A-R provides a mechanism for doing that as well. It's mentioned in > the MLM draft too. > >> *If* it were possible to identify the original email author in some way >> (S/MIME, PGP, some private shared secret approach....) the MLM could >> annotate the mail with that information, and you could trust it enough >> to filter on. If the MLM doesn't have enough information to identify >> the original email author, it's unlikely you do either - whether >> there's a second DKIM signature or not. > > Why the last part of that? It's going to be a rare case where the final recipient can reliably authenticate the original author of the email, while the MLM can't. (There are exceptions - but if a cooperating group of people are using untrusted infrastructure to communicate, they're not going to be relying on DKIM, rather they're going to be living on paranoia, cigarettes and OpenGPG). Normally, if you can authenticate the original author then the MLM can do so just as well, so you can reliably route email based on metadata added by the MLM, rather than having to independently authenticate the original author yourself. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
