Re: [ietf-dkim] besides mailing lists...

[Scott Kitterman]

"Dave CROCKER"  wrote:

>
>
>On 4/30/2010 9:37 AM, Jeff Macdonald wrote:
>> ESPs have a "forward-to-a-friend" feature for their clients. Its a
>> feature in which the ESPs creates the content and sends a message from
>> a friend, to a friend. It would be discarded. However, I'm willing to
>> say this is a bogus practice.
>
>
>F2F is a well-established and helpful feature.  That some uses of receive-side 
>authentication cannot cope with it is a limitation of the authentication-based 
>service, not a flaw in F2F.
>
If authentication has to be shoehorned into email without disturbing any 
existing practices then we may as quit and spend our time on something else.

Scott K___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[ietf-dkim] dkim list archive

[Dave CROCKER]

On 4/30/2010 2:13 PM, McDowell, Brett wrote:
> BTW, where is this mail list publicly archived?  (Next time I'm referring to
> a previous message I'll just include the URL to the post.)


  List-Archive: 

d/

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] besides mailing lists...

[Dave CROCKER]

On 4/30/2010 9:37 AM, Jeff Macdonald wrote:
> ESPs have a "forward-to-a-friend" feature for their clients. Its a
> feature in which the ESPs creates the content and sends a message from
> a friend, to a friend. It would be discarded. However, I'm willing to
> say this is a bogus practice.


F2F is a well-established and helpful feature.  That some uses of receive-side 
authentication cannot cope with it is a limitation of the authentication-based 
service, not a flaw in F2F.

d/

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] list signup, was Wrong Discussion

[Douglas Otis]

On 5/2/10 11:10 AM, Alessandro Vesely wrote:
> John Levine wrote:
>
 Is there some long-standing toxic effect of mailing lists other than
 that they don't fit the simple identity models used by recently
 devised authentication schemes?
  
>>> The opt-in mechanism, I'd say. There's no standardized way for
>>> subscribers' servers to learn about subscriptions.
>>>
>> Even if you consider that to be a problem, what could it possibly have
>> to do with DKIM?
>>  
> Just that if there were a handshake between a list server and a new
> subscriber's MX, they could also agree upon ADSP forwarding, e.g. by
> whitelisting the list server.
>
To retain security, the sender's domain needs to assert domain specific 
exceptions for "all" or "discard-able" ADSP policies.

Someone subscribed to a mailing list does not mean the list then has any 
purported sender's blessing to make exceptions, especially when some 
lists don't prevent simple spoofing.  From a security stand point, it 
would also be unwise to have automated exchanges with mailing-lists 
prompted by receipt of messages needing exceptions.

-Doug



___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] list signup, was Wrong Discussion

[Alessandro Vesely]

John Levine wrote:
>>> Is there some long-standing toxic effect of mailing lists other than 
>>> that they don't fit the simple identity models used by recently 
>>> devised authentication schemes?
>> The opt-in mechanism, I'd say. There's no standardized way for 
>> subscribers' servers to learn about subscriptions.
>
> Even if you consider that to be a problem, what could it possibly have
> to do with DKIM?

Just that if there were a handshake between a list server and a new 
subscriber's MX, they could also agree upon ADSP forwarding, e.g. by 
whitelisting the list server.
___
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html