Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John Levine
>12. I haven't tweaked anything. Assuming my reading of the >configuration files is correct, spamassassin is querying ADSP for >incoming mail, and applying a positive bump to the "spamminess" score >when a message comes from a domain with dkim=all, and a bigger bump for >dkim=discardable. Th

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Jim Fenton
MH Michael Hammer (5304) wrote: > > I'm still waiting for someone to produce use numbers (of domains) for > ADSP. Just out of curiosity, what number do we have to reach to hit the > technical term "massive"? Somehow I doubt that in its current > incarnation ADSP will ever have massive implementa

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Bill.Oxley
M List >> Subject: Re: [ietf-dkim] list vs contributor signatures, was Wrong >> Discussion >> > > > >> >> What surprises me is how our efforts have been received by the > community >> who produced these standards in the first place. >> >> >

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On Jun 2, 2010, at 4:36 PM, MH Michael Hammer (5304) wrote: > So, is this a discussion about a BCP for MLMs or is this a discussion > about revisiting the ADSP spec? The course of the discussion really > depends on what the consensus is. Let's break these up. Murray tried and I think succeeded

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On Jun 2, 2010, at 4:05 PM, Dave CROCKER wrote: > If proponents want simply to keep automatically saying that things are great > and > keep automatically rejecting any counter-points, then I'm not clear what the > purpose of these discussions is. If opponents want simply to keep automatically

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Steve Atkins
On Jun 2, 2010, at 12:28 PM, Brett McDowell wrote: > > On Jun 2, 2010, at 2:41 PM, Steve Atkins wrote: > >> >> Second... >> >> steve$ host -t txt _adsp._domainkey.paypal.net >> _adsp._domainkey.paypal.net has no TXT record >> steve$ host -t txt paypal.net >> paypal.net has no TXT

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: Dave CROCKER [mailto:d...@dcrocker.net] > Sent: Wednesday, June 02, 2010 4:26 PM > To: MH Michael Hammer (5304) > Cc: DKIM List > Subject: Re: [ietf-dkim] list vs contributor signatures, was Wrong > Discussion > > > > On 6/

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: Dave CROCKER [mailto:d...@dcrocker.net] > Sent: Wednesday, June 02, 2010 4:06 PM > To: MH Michael Hammer (5304) > Cc: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] list vs contributor signatures, was Wrong > Discussion > > >

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Dave CROCKER
On 6/2/2010 1:21 PM, MH Michael Hammer (5304) wrote: > Actually, IETF has been somewhat mild compared to MARID. Narrower topic. Smaller group. Made it a lot easier to be selective with the attacks... d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: MH Michael Hammer (5304) > Sent: Wednesday, June 02, 2010 4:21 PM > To: 'Brett McDowell'; John R. Levine > Cc: DKIM List > Subject: RE: [ietf-dkim] list vs contributor signatures, was Wrong > Discussion > > > >

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of Brett McDowell > Sent: Wednesday, June 02, 2010 3:46 PM > To: John R. Levine > Cc: DKIM List > Subject: Re: [ietf-dkim] list vs contributor

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Dave CROCKER
On 6/2/2010 12:58 PM, MH Michael Hammer (5304) wrote: >> Since we've been seeing reports of breakage due to using ADSP records for >> domains that are not under sufficient control, it is clear that some >> fraction of the ADSP-using world does not understand what it is for, or at >> least what it

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of Dave CROCKER > Sent: Wednesday, June 02, 2010 3:48 PM > To: Brett McDowell > Cc: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] list vs contributor

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: John R. Levine [mailto:jo...@iecc.com] > Sent: Wednesday, June 02, 2010 3:38 PM > To: MH Michael Hammer (5304) > Cc: DKIM List > Subject: RE: [ietf-dkim] list vs contributor signatures, was Wrong > Discussion > > > I can

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John R. Levine
> If the domain or subdomain involved has enduser (at all) accounts then > it is likely a poor candidate for ADSP "DISCARDABLE". ADSP "DISCARDABLE" > should be used for domains that are subject to high levels of abuse and > are used primarily for transactional or marketing email and where the > mai

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Dave CROCKER
On 6/2/2010 11:29 AM, Brett McDowell wrote: > ADSP seems to mean one thing to pundits and something else to the people > actually using it. Who is right? > >> Recent experience suggests that they often don't. > > Can you name someone with ADSP experience who doesn't understand what it > means?

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On Jun 2, 2010, at 3:26 PM, John R. Levine wrote: >>> Recent experience suggests that they often don't. >> Can you name someone with ADSP experience who doesn't understand what it >> means? > > Not to pick on you specifically, since there are multiple examples, but I'd > say that domains that p

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of John R. Levine > Sent: Wednesday, June 02, 2010 3:26 PM > To: Brett McDowell > Cc: DKIM List > Subject: Re: [ietf-dkim] list vs contributor

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John R. Levine
> I can't help myself. This image of John sitting at a desk with his quill > and inkwell manually maintaining his credible list by the light of a > whale oil lamp keeps popping into my mind's eye. How scalable is that > list John? If ye towne cryer dost distribute such a liste to manye and divers m

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On May 28, 2010, at 12:14 AM, John Levine wrote: >> So I understand your line of reasoning. But today, I believe ADSP can >> provide a benefit. Brett has data that supports that. > > Once again, we have a pernicious confusion between manually maintained > drop lists and ADSP. > > Brett has data

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of Michael Thomas > Sent: Wednesday, June 02, 2010 3:07 PM > To: Steve Atkins > Cc: DKIM List > Subject: Re: [ietf-dkim] list vs contributor signatures, w

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On May 28, 2010, at 12:15 AM, John Levine wrote: >> On the other hand, John and Steve expect that the benefits PayPal is >> seeing in thwarted phishing messages will be short-lived, as phishers >> just change domain names, and send out just as many messages as >> before, fooling just as many recip

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On Jun 2, 2010, at 2:41 PM, Steve Atkins wrote: > > On Jun 2, 2010, at 10:59 AM, Brett McDowell wrote: > >> On May 28, 2010, at 1:08 AM, Steve Atkins wrote: >> >>> Paypal is rather a special case, as they actively register >>> many, many domains in a lot of TLDs that contain the word >>> paypa

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John R. Levine
> In terms of public information, we are in production with DKIM > verification/blocking today with two mailbox providers. We'd like to be in > production with say... two hundred by some near-term date certain. Hence the > need for ADSP. This is a non-sequitur, but we've been through it befor

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John R. Levine
>> Recent experience suggests that they often don't. > Can you name someone with ADSP experience who doesn't understand what it > means? Not to pick on you specifically, since there are multiple examples, but I'd say that domains that publish dkim=discardable and who let their users subscribe a

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On May 28, 2010, at 12:28 AM, Steve Atkins wrote: > > On May 27, 2010, at 9:15 PM, John Levine wrote: > >>> On the other hand, John and Steve expect that the benefits PayPal is >>> seeing in thwarted phishing messages will be short-lived, as phishers >>> just change domain names, and send out ju

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On Jun 2, 2010, at 3:06 PM, Michael Thomas wrote: > On 06/02/2010 11:41 AM, Steve Atkins wrote: >> Fourth, as I mentioned above, even if all you said was valid, registering >> thousands of domains in order to make ADSP sort-of work against phishing >> isn't something that scales, either in term

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
etf-dkim@mipassoc.org >> Subject: Re: [ietf-dkim] list vs contributor signatures, was Wrong >> Discussion >> > > > >> >> Here's a thought experiment: let's say you have your list of domains >> that are known to be phish targets that sign the

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Michael Thomas
On 06/02/2010 11:41 AM, Steve Atkins wrote: > Fourth, as I mentioned above, even if all you said was valid, registering > thousands of domains in order to make ADSP sort-of work against phishing > isn't something that scales, either in terms of domain name system nor the > expense. If ADSP requi

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On May 28, 2010, at 1:08 AM, Steve Atkins wrote: > Paypal is rather a special case, as they actively register > many, many domains in a lot of TLDs that contain the word > paypal or some misspelling of it, both proactively and in > response to enforcement. I didn't consider those domains > as trig

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Brett McDowell
On May 28, 2010, at 12:01 AM, Steve Atkins wrote: > > 1. Do we want to reduce the DKIM broken signature rate or do we want to make > ADSP less vulnerable to it. Or both, I guess. I think both of those objectives are of interest. > > 2. If we want to reduce the DKIM broken signature rate, do

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Steve Atkins
On Jun 2, 2010, at 10:59 AM, Brett McDowell wrote: > On May 28, 2010, at 1:08 AM, Steve Atkins wrote: > >> Paypal is rather a special case, as they actively register >> many, many domains in a lot of TLDs that contain the word >> paypal or some misspelling of it, both proactively and in >> respo

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: John R. Levine [mailto:jo...@iecc.com] > Sent: Wednesday, June 02, 2010 2:25 PM > To: Brett McDowell > Cc: MH Michael Hammer (5304); ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] list vs contributor signatures, was Wrong > Discussi

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John R. Levine
> Well, you'd process that mail as if... there were no ADSP policy because... > there's no ADSP policy. I guess I agree, since I would use a credible manually maintained list and ignore the ADSP whether or not there was any. R's, John ___ NOTE WELL: T

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Scott Kitterman
"John Levine" wrote: >>Similarly, with ADSP you don't have to rely on published information, and >>when information is published, you don't have to guess whether the >>publisher is competent. You can maintain your own list of domains that you >>trust to get ADSP right, and use standard softw

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Dave CROCKER
On 6/2/2010 9:12 AM, MH Michael Hammer (5304) wrote: > > For shame Dave. Taking one sentence out of context is something I would > not have expected from you. After all this time, I am glad to hear that I can still surprise you... FWIW I took it out of context entirely knowingly. Frankly, I wa

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Steve Atkins
On Jun 2, 2010, at 4:50 AM, Ian Eiloart wrote: > > > --On 27 May 2010 14:57:06 -0700 Steve Atkins wrote: > >> >>> Legitimate email from paypal: >>> >>> 72% rejected by ADSP >>> 28% not rejected >>> >>> Phishing emails using "paypal" in the From line: >>> >>> 39% rejected by ADSP >>>

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
.net] > Sent: Wednesday, June 02, 2010 11:48 AM > To: MH Michael Hammer (5304) > Cc: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] list vs contributor signatures, was Wrong > Discussion > > > > On 6/2/2010 6:33 AM, MH Michael Hammer (5304) wrote: > > It's

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Dave CROCKER
On 6/2/2010 6:33 AM, MH Michael Hammer (5304) wrote: > It's really quite simple. This is the crux of the disparity of views. Those of us who note that none of this is simple worry about adoption and success barriers, noting that new services have a long and problematic history and that more

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread MH Michael Hammer (5304)
> -Original Message- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of John Levine > Sent: Wednesday, June 02, 2010 9:21 AM > To: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] list vs contributor signatures, was

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Ian Eiloart
--On 2 June 2010 08:35:56 -0400 "John R. Levine" wrote: > > There's ADSP code in Spamassassin for anyone who wants it. They suggest > that you configure it to ignore actual ADSP and hard code a handful of > domains such as paypal.com and ebay.com. > Why not do both? Look up, and log results f

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John Levine
>Similarly, with ADSP you don't have to rely on published information, and >when information is published, you don't have to guess whether the >publisher is competent. You can maintain your own list of domains that you >trust to get ADSP right, and use standard software to apply that judgement.

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Dave CROCKER
On 6/2/2010 4:46 AM, Ian Eiloart wrote: > --On 28 May 2010 13:26:28 -0700 Dave CROCKER wrote: >> On 5/28/2010 12:07 PM, Jeff Macdonald wrote: >>> But I'd like to see if I understand the difference you are trying to >>> highlight between a manually maintained list and a self published >>> list.

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread John R. Levine
>> That's a good start. Now we need to figure out some way to find out >> who's doing those lookups, and what they're doing with them. > > It should be fairly easy to figure out how many unique IP addresses are doing > the lookups, and give some view of the distribution. And then not too hard to

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Ian Eiloart
--On 26 May 2010 15:51:33 -0400 Brett McDowell wrote: > On May 26, 2010, at 1:42 PM, Steve Atkins wrote: > > I'm big on concrete examples. So how does your logical conclusion > deal with these two situations? > > $ host -t txt _adsp._domainkey.paypaI.me > _adsp._domainkey

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Ian Eiloart
--On 28 May 2010 13:26:28 -0700 Dave CROCKER wrote: > > On 5/28/2010 12:07 PM, Jeff Macdonald wrote: >> But I'd like to see if I understand the difference you are trying to >> highlight between a manually maintained list and a self published >> list. > > There is a key semantic difference whic

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Ian Eiloart
--On 27 May 2010 14:57:06 -0700 Steve Atkins wrote: > > On May 27, 2010, at 2:22 PM, Steve Atkins thinkoed: >> >> Legitimate email from paypal: >> >>72% rejected by ADSP >>28% not rejected >> >> Phishing emails using "paypal" in the From line: >> >>39% rejected by ADSP >>61% re

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Dave CROCKER
On 6/2/2010 4:08 AM, Ian Eiloart wrote: > --On 26 May 2010 14:00:54 -0700 Steve Atkins > wrote: >>You may win the battle of preventing use >> of the string "paypal.com" in the non-displayed part of the From: field, >> yet lose the war of protecting your users from phishers. > > There's no

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Ian Eiloart
--On 27 May 2010 21:57:54 -0400 "John R. Levine" wrote: >> We have had ADSP deployed since the week before the February MAAWG >> meeting. I just asked our infrastructure guru to do a quick check and >> we are seeing about a million ADSP look-ups per day at this point. > > That's a good start.

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Ian Eiloart
--On 26 May 2010 14:00:54 -0700 Steve Atkins wrote: > > Given that, it's not something that will provide any benefit once ADSP is > deployed - maybe just the opposite, as it will effectively neuter the > approach you're currently using. You may win the battle of preventing use > of the string

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-06-02 Thread Ian Eiloart
--On 26 May 2010 11:48:53 -0700 Michael Thomas wrote: > >> Perhaps I'm missing something. I'm working with the mental model >> that the underlying problem ADSP advocates would like to address >> is phishing or brand protection, as they're the only concrete problems >> I've seen mentioned. > > S

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Douglas Otis
On 5/28/10 2:24 PM, Rolf E. Sonneveld wrote: > Dave CROCKER wrote: > >> On 5/28/2010 12:07 PM, Jeff Macdonald wrote: >> >>> But I'd like to see if I understand the difference you are trying to >>> highlight between a manually maintained list and a self published >>> list. >>> >>

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Rolf E. Sonneveld
Dave CROCKER wrote: > On 5/28/2010 12:07 PM, Jeff Macdonald wrote: > >> But I'd like to see if I understand the difference you are trying to >> highlight between a manually maintained list and a self published >> list. >> > > There is a key semantic difference which, I believe, makes for a

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Douglas Otis
On 5/28/10 2:09 PM, Al Iverson wrote: > On Fri, May 28, 2010 at 3:34 PM, John Levine wrote: > >>> In past discussions there had been an expressed concern that the >>> number of domains/companies who send notifications and are phish >>> targets is very low, but I would counter that it is not lo

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Al Iverson
On Fri, May 28, 2010 at 3:34 PM, John Levine wrote: >>In past discussions there had been an expressed concern that the >>number of domains/companies who send notifications and are phish >>targets is very low, but I would counter that it is not low at all. > > The question is low compared to what.

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread John Levine
>In past discussions there had been an expressed concern that the >number of domains/companies who send notifications and are phish >targets is very low, but I would counter that it is not low at all. The question is low compared to what. There are probably thousands, maybe tens of thousands of d

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Dave CROCKER
On 5/28/2010 12:07 PM, Jeff Macdonald wrote: > But I'd like to see if I understand the difference you are trying to > highlight between a manually maintained list and a self published > list. There is a key semantic difference which, I believe, makes for a key difference in utility. In a manu

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Douglas Otis
On 5/28/10 9:24 AM, Alessandro Vesely wrote: > I agree ADSP currently leaves much to be desired. It deserves > completion. (DKIM itself is in a similar situation, since it is still > not MIME-compliant. A somewhat embarrassing circumstance for a > protocol designed not to "break forwarding".) >

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Al Iverson
On Fri, May 28, 2010 at 2:32 PM, John R. Levine wrote: >> But I'd like to see if I understand the difference you are trying to >> highlight between a manually maintained list and a self published >> list. Manually, there is confidence in understanding the >> ramifications. Self published (ADSP) t

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread John R. Levine
> But I'd like to see if I understand the difference you are trying to > highlight between a manually maintained list and a self published > list. Manually, there is confidence in understanding the > ramifications. Self published (ADSP) there is no assurance in the > understanding of the ramificat

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Jeff Macdonald
On Fri, May 28, 2010 at 12:14 AM, John Levine wrote: >>So I understand your line of reasoning. But today, I believe ADSP can >>provide a benefit. Brett has data that supports that. > > Once again, we have a pernicious confusion between manually maintained > drop lists and ADSP. > > Brett has data

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread Alessandro Vesely
On 27/May/10 20:45, Douglas Otis wrote: > To better answer Steve's criticisms on phishing, our company among > others, offers browser plugins for web mail and popular email > applications that annotate messages using corporate icons. Yes, perhaps a favicon would get more adoption than, say, "dkim=

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-28 Thread SM
Hi Brett, [feel free to follow up off-list] At 12:36 27-05-10, Brett McDowell wrote: >It would probably help me if you folks could send me questions >(probably off-list as I'm not sure how relevant this is to the WG >scope) that I can use as a guide for exactly how to wrangle our data >into a

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Steve Atkins
On May 27, 2010, at 10:02 PM, Scott Kitterman wrote: > ... >> 1. Do we want to reduce the DKIM broken signature rate or do we want to >> make ADSP less vulnerable to it. Or both, I guess. >> >> 2. If we want to reduce the DKIM broken signature rate, do we need to >> rework DKIM at all, or do w

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Douglas Otis
On 5/27/10 9:01 PM, Steve Atkins wrote: > There are, I think, two problems that are intrinsic to the use of ADSP in the > context of mitigating phishing email. > > One underlying problem is that ADSP is based on the inverse of an > intentionally unreliable positive assertion (DKIM). That maps the

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Scott Kitterman
... > 1. Do we want to reduce the DKIM broken signature rate or do we want to > make ADSP less vulnerable to it. Or both, I guess. > > 2. If we want to reduce the DKIM broken signature rate, do we need to > rework DKIM at all, or do we need to make operational recommendations to > the generator

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Michael Thomas
On 05/27/2010 09:14 PM, John Levine wrote: >> So I understand your line of reasoning. But today, I believe ADSP can >> provide a benefit. Brett has data that supports that. > > Once again, we have a pernicious confusion between manually maintained > drop lists and ADSP. > > Brett has data that supp

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Steve Atkins
On May 27, 2010, at 9:03 PM, Dave CROCKER wrote: > > > On 5/27/2010 2:22 PM, Steve Atkins wrote: >> I'll write up the methodology in a little more detail, but out of my sample > > eager to see the method description. not lots of detail, just the gist of > what > criteria created each of the

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Steve Atkins
On May 27, 2010, at 9:15 PM, John Levine wrote: >> On the other hand, John and Steve expect that the benefits PayPal is >> seeing in thwarted phishing messages will be short-lived, as phishers >> just change domain names, and send out just as many messages as >> before, fooling just as many recip

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread John Levine
>On the other hand, John and Steve expect that the benefits PayPal is >seeing in thwarted phishing messages will be short-lived, as phishers >just change domain names, and send out just as many messages as >before, fooling just as many recipients into thinking they're from >PayPal. Actually, that'

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread John Levine
>So I understand your line of reasoning. But today, I believe ADSP can >provide a benefit. Brett has data that supports that. Once again, we have a pernicious confusion between manually maintained drop lists and ADSP. Brett has data that supports the former, not the latter. R's, John ___

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Dave CROCKER
On 5/27/2010 2:22 PM, Steve Atkins wrote: > I'll write up the methodology in a little more detail, but out of my sample eager to see the method description. not lots of detail, just the gist of what criteria created each of the 4 values. > the initial data is: > > Legitimate email from paypal

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Steve Atkins
On May 27, 2010, at 7:39 PM, Scott Kitterman wrote: > "Brett McDowell" wrote: > ... >> As a newbie to this list, I have to say I agree. This has been a far less >> collegial debate than what I'm used to. That said, I may be guilty of >> reciprocating, and if anyone feels they have been on th

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Scott Kitterman
"Steve Atkins" wrote: > >On May 27, 2010, at 7:38 PM, Scott Kitterman wrote: > >> "Steve Atkins" wrote: >>> >>> That should be >>> Legitimate email from paypal: 72% rejected by ADSP 28% not rejected Phishing emails using "paypal" in the From line: >>

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Steve Atkins
On May 27, 2010, at 7:38 PM, Scott Kitterman wrote: > "Steve Atkins" wrote: >> >> That should be >> >>> Legitimate email from paypal: >>> >>> 72% rejected by ADSP >>> 28% not rejected >>> >>> Phishing emails using "paypal" in the From line: >>> >>> 39% rejected by ADSP >>> 61% not r

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Scott Kitterman
"Brett McDowell" wrote: ... >As a newbie to this list, I have to say I agree. This has been a far less >collegial debate than what I'm used to. That said, I may be guilty of >reciprocating, and if anyone feels they have been on the receiving end of >such, I apologize. ... I think your only o

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Scott Kitterman
"Steve Atkins" wrote: > >On May 27, 2010, at 2:22 PM, Steve Atkins thinkoed: >> >> Legitimate email from paypal: >> >>72% rejected by ADSP >>28% not rejected >> >> Phishing emails using "paypal" in the From line: >> >>39% rejected by ADSP >>61% rejected. > >That should be > >>

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread John R. Levine
> We have had ADSP deployed since the week before the February MAAWG meeting. > I just asked our infrastructure guru to do a quick check and we are seeing > about a million ADSP look-ups per day at this point. That's a good start. Now we need to figure out some way to find out who's doing th

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Douglas Otis
On 5/27/10 4:14 PM, Brett McDowell wrote: >> > I think DKIM is a Good Thing that should be widely deployed. ADSP is >> > broken in many respects, and because it's tied to DKIMs mindshare >> > that brokenness deters DKIM adoption. So I believe that ADSP needs >> > to be fixed or it needs to be a

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
(disregard previous, I did miss this message Steve... I have the context now... a few comments below) On May 27, 2010, at 5:22 PM, Steve Atkins wrote: > > On May 27, 2010, at 12:46 PM, Brett McDowell wrote: > >> On May 26, 2010, at 11:28 PM, Steve Atkins wrote: >> >>> I'm pretty sure that ADS

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
I must have missed an email or something... what's the context for and/or source of this data? On May 27, 2010, at 5:57 PM, Steve Atkins wrote: > > On May 27, 2010, at 2:22 PM, Steve Atkins thinkoed: >> >> Legitimate email from paypal: >> >> 72% rejected by ADSP >> 28% not rejected >> >>

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Steve Atkins
On May 27, 2010, at 2:22 PM, Steve Atkins thinkoed: > > Legitimate email from paypal: > >72% rejected by ADSP >28% not rejected > > Phishing emails using "paypal" in the From line: > >39% rejected by ADSP >61% rejected. That should be > Legitimate email from paypal: > >7

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
On May 27, 2010, at 2:05 AM, John Levine wrote: >> I thought I had. Remember that business about 100 million phishing >> attacks being blocked (DKIM alone would not have delivered that... it >> was our policy assertion and the acceptance to act on that policy >> assertion that made this happen)? >

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Steve Atkins
On May 27, 2010, at 12:46 PM, Brett McDowell wrote: > On May 26, 2010, at 11:28 PM, Steve Atkins wrote: > >> I'm pretty sure that ADSP as-is is a bad tool to solve any particular >> problem. >> But given it's not being proposed to solve any concrete problem, it's >> hard to discuss whether ther

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Dave CROCKER
On 5/27/2010 1:30 PM, Brett McDowell wrote: > On May 27, 2010, at 3:41 PM, Dave CROCKER wrote: >> A problem, here, is that you are using that citation as a kind of proof of >> the correctness of your position, but we do not have access to the data to >> make an independent assessment. > > It was

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
On May 27, 2010, at 3:41 PM, Dave CROCKER wrote: > > > >> More than expecting to, we are actively working on deployments with parties >> interested in "opting-in" to this open, standards-based, authenticated email >> ecosystem. Unfortunately for the sake of this debate, I cannot disclose who >

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
On May 26, 2010, at 5:00 PM, Steve Atkins wrote: > > On May 26, 2010, at 12:46 PM, Brett McDowell wrote: >>> >>> Paypal is claiming an operational benefit, but haven't actually >>> demonstrated that ADSP either provides that benefit, nor that >>> those benefits can't be provided in a significant

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
On May 26, 2010, at 11:28 PM, Steve Atkins wrote: > I'm pretty sure that ADSP as-is is a bad tool to solve any particular problem. > But given it's not being proposed to solve any concrete problem, it's > hard to discuss whether there's a better solution. > Are you deliberately ignoring the dat

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Dave CROCKER
> More than expecting to, we are actively working on deployments with parties > interested in "opting-in" to this open, standards-based, authenticated email > ecosystem. Unfortunately for the sake of this debate, I cannot disclose who > just yet. A problem, here, is that you are using that ci

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
On May 27, 2010, at 1:25 AM, Steve Atkins wrote: > > On May 26, 2010, at 9:24 PM, SM wrote: > >> At 11:20 26-05-10, Murray S. Kucherawy wrote: >>> I've written code implementing all of this stuff, but I've never run >>> it in an operational environment of the size or nature that Brett >>> does

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
On May 27, 2010, at 10:05 AM, Barry Leiba wrote: >> do you believe John, who never believed in ADSP and has repeatedly said >> that he hope it fails, and who has a microscopic amount of deployment >> experience if any at all. Or do we believe Brett/paypal that ADSP is >> providing benefit *today*

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Brett McDowell
On May 27, 2010, at 10:39 AM, Michael Thomas wrote: > The problem with the cross examination that John and Steve are trying > to perform is that the witnesses are under no obligation to respond. And, > quite reasonably, they don't. I appreciate the support, but I didn't want to leave anyone with

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Douglas Otis
On 5/27/10 7:53 AM, Jeff Macdonald wrote: > So I understand your line of reasoning. But today, I believe ADSP can > provide a benefit. Brett has data that supports that. It may have a > limited lifetime. But I don't think this will be the only RFC that has > a limited lifetime in the transition to

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Jeff Macdonald
On Wed, May 26, 2010 at 11:28 PM, Steve Atkins wrote: > So what actual operational problem does it attempt to solve? A byte > sequence in an email header field that's commonly not shown to the > user is not an operational problem. It might be a middle point in a > line of reasoning between an oper

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Michael Thomas
On 05/27/2010 07:05 AM, Barry Leiba wrote: >> do you believe John, who never believed in ADSP and has repeatedly said >> that he hope it fails, and who has a microscopic amount of deployment >> experience if any at all. Or do we believe Brett/paypal that ADSP is >> providing benefit *today* in the

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Barry Leiba
> do you believe John, who never believed in ADSP and has repeatedly said > that he hope it fails, and who has a microscopic amount of deployment > experience if any at all. Or do we believe Brett/paypal that ADSP is > providing benefit *today* in the form of 100's of millions of thwarted > phishes

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Michael Thomas
Since these are all rhetorical questions, let's cut to the chase: do you believe John, who never believed in ADSP and has repeatedly said that he hope it fails, and who has a microscopic amount of deployment experience if any at all. Or do we believe Brett/paypal that ADSP is providing benefit *tod

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-27 Thread Douglas Otis
On 5/26/10 8:28 PM, Steve Atkins wrote: > So it says nothing about the threat it's supposed to thwart. Without that > there's no possibility of creating an attack tree. And without that, there's > no possibility of doing any security analysis on any proposal. And ADSP > is (I think) primarily a sec

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-26 Thread John Levine
>> Steve Atkins and I have explained why that's utterly implausible enough >> times that anyone who's interested can easily find it in the list >> archives. >With all due respect, the two of you don't constitute "consensus", >and I don't think abruptly stifling legitimate debate like this >serves

Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion

2010-05-26 Thread John Levine
>I thought I had. Remember that business about 100 million phishing >attacks being blocked (DKIM alone would not have delivered that... it >was our policy assertion and the acceptance to act on that policy >assertion that made this happen)? Right. But then there is the utterly unwarranted leap to
