Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specification for DomainKeys]
John Capo <jc@irbs.com> Thu, 20 May 2004 18:01 UTC
Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA07570 for <asrg-archive@odin.ietf.org>; Thu, 20 May 2004 14:01:10 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQreP-00076h-2z for asrg-archive@odin.ietf.org; Thu, 20 May 2004 13:48:13 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i4KHmDsH027319 for asrg-archive@odin.ietf.org; Thu, 20 May 2004 13:48:13 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQrcB-00066X-DO for asrg-web-archive@optimus.ietf.org; Thu, 20 May 2004 13:45:55 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA06128 for <asrg-web-archive@ietf.org>; Thu, 20 May 2004 13:45:52 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BQrc8-0003cZ-VM for asrg-web-archive@ietf.org; Thu, 20 May 2004 13:45:53 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BQrbC-0003YH-00 for asrg-web-archive@ietf.org; Thu, 20 May 2004 13:44:55 -0400
Received: from optimus.ietf.org ([132.151.1.19]) by ietf-mx with esmtp (Exim 4.12) id 1BQram-0003Ui-00 for asrg-web-archive@ietf.org; Thu, 20 May 2004 13:44:28 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQrQf-0003UH-UN; Thu, 20 May 2004 13:34:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BQrDy-0000Bc-1s for asrg@optimus.ietf.org; Thu, 20 May 2004 13:20:54 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA03894 for <asrg@ietf.org>; Thu, 20 May 2004 13:20:51 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BQrDw-0000nC-1G for asrg@ietf.org; Thu, 20 May 2004 13:20:52 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BQrD6-0000jl-00 for asrg@ietf.org; Thu, 20 May 2004 13:20:00 -0400
Received: from mxout-04.mxes.net ([65.77.21.94]) by ietf-mx with esmtp (Exim 4.12) id 1BQrCK-0000eC-00 for asrg@ietf.org; Thu, 20 May 2004 13:19:12 -0400
Received: from exuma.irbs.com (exuma.irbs.com [216.86.160.252]) by smtp.mxes.net (Postfix) with ESMTP id 4FA9D3C2911 for <asrg@ietf.org>; Thu, 20 May 2004 13:19:06 -0400 (EDT)
Received: from localhost.irbs.com (localhost.irbs.com [127.0.0.1]) by exuma.irbs.com (Postfix) with ESMTP id E6F741741C for <asrg@ietf.org>; Thu, 20 May 2004 13:19:05 -0400 (EDT)
Received: by exuma.irbs.com (Postfix, from userid 2500) id BF56517418; Thu, 20 May 2004 13:19:05 -0400 (EDT)
From: John Capo <jc@irbs.com>
To: asrg@ietf.org
Subject: Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specification for DomainKeys]
Message-ID: <20040520171905.GA36075@exuma.irbs.com>
Reply-To: jc@irbs.com
References: <40AAB82D.3090004@solidmatrix.com> <40AC314F.9030501@elvey.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <40AC314F.9030501@elvey.com>
User-Agent: Mutt/1.4.1i
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
Date: Thu, 20 May 2004 13:19:05 -0400
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.60
Quoting Matthew Elvey (matthew@elvey.com): > > DK requires orders of magnitude more > work to adopt, though not as much as SPF+SRS. Nod. > > DK is about as reliant on blacklists/reputation services as other > proposals. Without them, CSV is not easier for a spammer to circumvent > than DK or SPF. They all require that something be put in a DNS entry > for a domain that costs approximately nothing to put there beyond the > cost of the domain itself. DKs aren't signed by CAs, remember. > Exploit: A spammer would have control of the DNS server for the > responsible domain, and a BotNet spamming node would spam with a valid > DK. The DK would be in the zombie worm that created the BotNet, or even > communicated via IRC. > > So, I think DK is shown to be about as trivial to circumvent as the 40% > solution / CSV+++. Unless I'm missing something I think its even easier to circumvent and Yahoo! seems to agree: 6.5 Envelope audit [ To be discussed: Identify the preconditions in the base document that allow for envelope auditing to protect against replay and joe-jobs ] All that is signed is what is received by the signing MTA. Get a Yahoo! throwaway account. Send email from Yahoo! to yourself at another account. Strip headers added in transit and you have a DK signed message that can be wrapped in a new envelope and it will verify as signed by Yahoo!. If widely adopted, DK or something like it might go a long way towards stopping phishing. But the phisher can still register a domain that looks like paypal.com, valued-paypal-customer.com, and sign that himself and the naive user will still get sucked into the fraud. John Capo Tuffmail.com _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] [Fwd: Yahoo! Mail Publishes Specification … Yakov Shafranovich
- [Asrg] 6 - Yahoo Domain Keys Chris
- Re: [Asrg] 6 - Yahoo Domain Keys Seth Breidbart
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys John Levine
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… John Levine
- [Asrg] Re: 6 - Yahoo Domain Keys Philip Miller
- Re: [Asrg] 6 - Yahoo Domain Keys Alan DeKok
- Re: [Asrg] 6 - Yahoo Domain Keys George Ou
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Mark Baugher
- Re: [Asrg] 6 - Yahoo Domain Keys Matt Sergeant
- Re: [Asrg] Re: 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] 6 - Yahoo Domain Keys Seth Breidbart
- Re: [Asrg] Re: 6 - Yahoo Domain Keys der Mouse
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… William Leibzon
- Re: [Asrg] 6 - Yahoo Domain Keys Barry Shein
- Re: [Asrg] Re: 6 - Yahoo Domain Keys William Leibzon
- Re: [Asrg] 6 - Yahoo Domain Keys George Ou
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Matthew Elvey
- RE: [Asrg] 6 - Yahoo Domain Keys Chris
- RE: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Chris
- blacklisting throwaway domains, was Re: [Asrg] Re… Tony Finch
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… John Capo
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Yakov Shafranovich
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Yakov Shafranovich
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Matthew Elvey
- Re: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Yakov Shafranovich
- RE: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… William Leibzon
- RE: [Asrg] [Fwd: Yahoo! Mail Publishes Specificat… Chris