Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
> DKIM is a particular service. An MLM will typically destroy a DKIM > signature. If destruction doesn't count as "conflict with" then I don't know > what does. I can live with Murray's language, but I'm seeing what appear to me to be some fairly basic disagreements about what DKIM does. My understanding is that it's intended to combine a modest integrity check of messages in transit with a responsible identity. That's all it does. In particular, it's not intended to provide long term bullet proof message protection, and (disregarding ADSP) there's no semantics assigned to the absence of a valid DKIM signature. The arguments about the alleged importance of preserving inbound signatures are silly for a bunch of reasons. One is three decades of practice in which nobody has worried about recipients verifying the identities of list contributors. (I can't help but note the absence of S/MIME or PGP signatures on the mail of people who argue otherwise.) Another is the observed consistent practice of sorting and I believe filtering based on the characteristics of the list rather than individual contributors. Also, if one believes that we should rewrite MLMs to provide some tortured way to pass through signatures, or to cater to misimplementations that penalize broken signatures, why stop there? Many lists are read through online reformatters like pipermail. Should we demand they all get rewritten to preserve DKIM signatures? If not, what's the difference? R's, John ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
On 8/10/2010 10:52 AM, John R. Levine wrote: > In particular, it's not intended to provide long term bullet proof message > protection I probably haven't been reading carefully enough (as usual.) Amidst the current discussions, I missed the postings that seemed to be based on this different goal for DKIM. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of John R. Levine > Sent: Tuesday, August 10, 2010 10:52 AM > To: dcroc...@bbiw.net > Cc: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim- > mailinglists-01 review request > > > DKIM is a particular service. An MLM will typically destroy a DKIM > > signature. If destruction doesn't count as "conflict with" then I > don't know > > what does. > > I can live with Murray's language, but I'm seeing what appear to me to > be > some fairly basic disagreements about what DKIM does. > > My understanding is that it's intended to combine a modest integrity > check > of messages in transit with a responsible identity. That's all it > does. I don't think we're disagreeing. The premise of the draft states simply that DKIM is a mechanism for attaching a (provable) domain name to a message as a means for taking some responsibility for it, and that some common MLM practices interfere with the delivery of that payload. I don't think there's any express or implied claim in the document that DKIM does more than that. But what you're saying seems antithetical to most of the document, which goes to some lengths to describe ways that MLMs and DKIM can co-operate better. So should we not bother? > The arguments about the alleged importance of preserving inbound > signatures are silly for a bunch of reasons. One is three decades of > practice in which nobody has worried about recipients verifying the > identities of list contributors. (I can't help but note the absence of > S/MIME or PGP signatures on the mail of people who argue otherwise.) Though I don't claim to be able to predict the future, I can speculate that this could become an important thing as domain reputation gets rolled out. So it might not matter now, but it could matter soon. ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
Having reread the document I go with steps 4&5 on page 15. Most of the wording is fine On Aug 10, 2010, at 2:12 PM, Murray S. Kucherawy wrote: >> -Original Message- >> From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- >> boun...@mipassoc.org] On Behalf Of John R. Levine >> Sent: Tuesday, August 10, 2010 10:52 AM >> To: dcroc...@bbiw.net >> Cc: ietf-dkim@mipassoc.org >> Subject: Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim- >> mailinglists-01 review request >> >>> DKIM is a particular service. An MLM will typically destroy a DKIM >>> signature. If destruction doesn't count as "conflict with" then I >> don't know >>> what does. >> >> I can live with Murray's language, but I'm seeing what appear to me to >> be >> some fairly basic disagreements about what DKIM does. >> >> My understanding is that it's intended to combine a modest integrity >> check >> of messages in transit with a responsible identity. That's all it >> does. > > I don't think we're disagreeing. The premise of the draft states simply that > DKIM is a mechanism for attaching a (provable) domain name to a message as a > means for taking some responsibility for it, and that some common MLM > practices interfere with the delivery of that payload. I don't think there's > any express or implied claim in the document that DKIM does more than that. > > But what you're saying seems antithetical to most of the document, which goes > to some lengths to describe ways that MLMs and DKIM can co-operate better. > So should we not bother? > >> The arguments about the alleged importance of preserving inbound >> signatures are silly for a bunch of reasons. One is three decades of >> practice in which nobody has worried about recipients verifying the >> identities of list contributors. (I can't help but note the absence of >> S/MIME or PGP signatures on the mail of people who argue otherwise.) > > Though I don't claim to be able to predict the future, I can speculate that > this could become an important thing as domain reputation gets rolled out. > So it might not matter now, but it could matter soon. > > > ___ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
>But what you're saying seems antithetical to most of the document, >which goes to some lengths to describe ways that MLMs and DKIM can >co-operate better. So should we not bother? Oh no. (That is. we shouldn't not bother.) There's plenty of good stuff in your draft, but on reflection I think the key is for the DKIM camp to be modest in its claims and goals. Mailing lists do what they have done for 30 years, and they're not going to change in any major way. To the extent that DKIM can help them do what they're going to do anyway, it's useful. The discussion of different kinds of lists is certainly helpful, but we risk going into the weeds when we start getting into complex analyses and advice for scenarios that seem (to me at least) pretty far fetched. So, for example, one of the things that lists have always done is send mail to people who have subscribed and presumably want it. Signing the outgoing mail should help receipients recognize the mail they want, so it makes sense to recommend that. On the other hand, providing per-contributor reputation clues to subscribers (beyond what's on the From: line) is something that lists have never done, so I think it's a poor idea to try to invent ways to do that. Does that make sense? R's, John ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
+1 On Aug 10, 2010, at 6:49 PM, John Levine wrote: >> But what you're saying seems antithetical to most of the document, >> which goes to some lengths to describe ways that MLMs and DKIM can >> co-operate better. So should we not bother? > > Oh no. (That is. we shouldn't not bother.) There's plenty of good > stuff in your draft, but on reflection I think the key is for the DKIM > camp to be modest in its claims and goals. Mailing lists do what they > have done for 30 years, and they're not going to change in any major > way. To the extent that DKIM can help them do what they're going to > do anyway, it's useful. > > The discussion of different kinds of lists is certainly helpful, but > we risk going into the weeds when we start getting into complex > analyses and advice for scenarios that seem (to me at least) pretty > far fetched. > > So, for example, one of the things that lists have always done is send > mail to people who have subscribed and presumably want it. Signing > the outgoing mail should help receipients recognize the mail they > want, so it makes sense to recommend that. > > On the other hand, providing per-contributor reputation clues to > subscribers (beyond what's on the From: line) is something that lists > have never done, so I think it's a poor idea to try to invent ways to > do that. > > Does that make sense? > > R's, > John > > ___ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
> -Original Message- > From: John Levine [mailto:jo...@iecc.com] > Sent: Tuesday, August 10, 2010 3:49 PM > To: ietf-dkim@mipassoc.org > Cc: Murray S. Kucherawy > Subject: Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim- > mailinglists-01 review request > > On the other hand, providing per-contributor reputation clues to > subscribers (beyond what's on the From: line) is something that lists > have never done, so I think it's a poor idea to try to invent ways to > do that. > > Does that make sense? Sure. I got the impression this was something we should be saying based on earlier conversation about whether the list should sign coupled with whether the list should drop author signatures. Part of that chatter had to do with combined reputation of the list and the author. If that's a real concern, then on one hand a list/you can gain from the reputation of the other, but on the other hand you can both suffer because of other traffic on the list. This seemed to be a logical extension of that discussion. If we feel that's too much of a leap, I can just remove that paragraph. ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
On 8/10/10 9:54 PM, Murray S. Kucherawy wrote: >> -Original Message- >> From: John Levine [mailto:jo...@iecc.com] >> Sent: Tuesday, August 10, 2010 3:49 PM >> To: ietf-dkim@mipassoc.org >> Cc: Murray S. Kucherawy >> Subject: Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim- >> mailinglists-01 review request >> >> On the other hand, providing per-contributor reputation clues to >> subscribers (beyond what's on the From: line) is something that lists >> have never done, so I think it's a poor idea to try to invent ways to >> do that. >> >> Does that make sense? > Sure. I got the impression this was something we should be saying based on > earlier conversation about whether the list should sign coupled with whether > the list should drop author signatures. Part of that chatter had to do with > combined reputation of the list and the author. If that's a real concern, > then on one hand a list/you can gain from the reputation of the other, but on > the other hand you can both suffer because of other traffic on the list. > This seemed to be a logical extension of that discussion. > > If we feel that's too much of a leap, I can just remove that paragraph. DKIM does not confirm the identity of individuals, only the administrative domain of the signer. The recipient would need to trust the Authentication-Results header, before any information would be meaningful beyond what is known about the list itself, such as whether it provides List-ID headers, confirms the email-address of subscribers, removes deceptive A-R headers, etc. -Doug ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
On 8/10/2010 9:54 PM, Murray S. Kucherawy wrote: > Sure. I got the impression this was something we should be saying based on > earlier conversation about whether the list should sign coupled with whether > the list should drop author signatures. Part of that chatter had to do with > combined reputation of the list and the author. If that's a real concern, > then on one hand a list/you can gain from the reputation of the other, but on > the other hand you can both suffer because of other traffic on the list. > This seemed to be a logical extension of that discussion. > > If we feel that's too much of a leap, I can just remove that paragraph. I think that the underlying sentiments of this sub-section are reasonable. But I am concerned that it's focus and details are muddled. Unfortunately I think that's because our group sense of the topic is still muddled, rather than anything as simple to fix as Murray's writing. Certainly mine is muddled. So I can't immediately offer modified text. The best I can suggest is some further scrutiny. To that end: 1. "unexpected" An author usually knows they are sending to an MLM. While they might not know the actual recipient list, I would not class it as "unexpected". Worse, I'm not sure this issue is relevant to the underlying concern here. Or, to the extent it is, I'm not clear how. This might warrant explication. 2. "coupled with other messages" This implies that a digest message might affect the reputation associated with an author of a message in the digest. Do we really think this is plausible? How? 3. "insulate one's reputation from influence by the unknown results" This is a hugely substantive topic and frankly scares me. It seems to be at the heart of this sub-section but I suspect it is a much, much bigger topic. For starters, is it realistic to pursue this goal at all? 4. "authors may be well-advised to create a mail stream specifically used for" This raises the very basic question of whether an author can create/define a mail stream? If so, how? If not, then the premise of this advice is defeated. For that matter, since mail streams are defined by signing sub-domains, are we sure that that is relevant to this problem? If the original signature is broken, the benefit of having different d= values is lost. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
> -Original Message- > From: Dave CROCKER [mailto:d...@dcrocker.net] > Sent: Wednesday, August 11, 2010 9:50 AM > To: Murray S. Kucherawy > Cc: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim- > mailinglists-01 review request > > I think that the underlying sentiments of this sub-section are > reasonable. But > I am concerned that it's focus and details are muddled. Unfortunately > I think > that's because our group sense of the topic is still muddled, rather > than > anything as simple to fix as Murray's writing. Certainly mine is > muddled. > [...] I suspect some of the cause of that is that this sort of work necessarily contains some "forward-looking statements" (to borrow from the financial sector). As John likes to point out, we've never filtered email based on this criterion in the past x years, but in part that's because we've never been able to do so before. It's possible this will create a mechanism people will find more useful or accurate. I don't want to stifle that possibility before anyone even has a chance to try it. We have at best an educated guess about how different signature patterns on a message, or on a digest of messages, will affect the reputations of the signers. I'm torn between describing such a guess in an informational document and saying nothing at all, if only to get the readers thinking about it as well. We've decided the industry wants or needs guidance, so we want to give some. But the work starts to suffer when the thinking drifts into navel-gazing. I don't have any problem admitting that I can be guilty of it; I'd rather be thinking about it than not. Anyhow, this is what reviewers are for. :-) -MSK ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
