Re: [ietf-dkim] RFC 4686 on Analysis of Threats Motivating DomainKeys Identified Mail (DKIM)
Damon <deepvoice@gmail.com> Wed, 27 September 2006 17:52 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GSda8-0002PD-9Q for ietf-dkim-archive@lists.ietf.org; Wed, 27 Sep 2006 13:52:28 -0400
Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GSda6-0004WW-QG for ietf-dkim-archive@lists.ietf.org; Wed, 27 Sep 2006 13:52:28 -0400
Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k8RHfcDx013151; Wed, 27 Sep 2006 10:41:42 -0700
Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.186]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k8RHfPPC013117 for <ietf-dkim@mipassoc.org>; Wed, 27 Sep 2006 10:41:25 -0700
Received: by nf-out-0910.google.com with SMTP id n28so616120nfc for <ietf-dkim@mipassoc.org>; Wed, 27 Sep 2006 10:41:05 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=bJQzl50RH8guJQUJ9BKlANJ+iXsplevsGBCktz38HGic8HMMkPtzOLDqwuYCgNtIDnHy6rdkME37DOh7RZ0CMlPuZT/ANr6E72bPS5ZqNXsRv/9k3C1Ov97JklUZ2ZgBny7E5Dc/iflZms0MIxTJDuOvNUJZ3fdDwkQpskqGN68=
Received: by 10.49.36.6 with SMTP id o6mr2687856nfj; Wed, 27 Sep 2006 10:41:05 -0700 (PDT)
Received: by 10.49.37.8 with HTTP; Wed, 27 Sep 2006 10:41:05 -0700 (PDT)
Message-ID: <62146370609271041l6c71de9cn4906261b2209e2a3@mail.gmail.com>
Date: Wed, 27 Sep 2006 13:41:05 -0400
From: Damon <deepvoice@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [ietf-dkim] RFC 4686 on Analysis of Threats Motivating DomainKeys Identified Mail (DKIM)
In-Reply-To: <451A1CD0.1060502@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <p062309b5c13f7dfec9c8@10.20.30.177> <451A1CD0.1060502@cs.tcd.ie>
X-Songbird: Clean, Clean
Cc: ietf-dkim@mipassoc.org
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Sender: ietf-dkim-bounces@mipassoc.org
Errors-To: ietf-dkim-bounces@mipassoc.org
X-SongbirdInformation: support@songbird.com for more information
X-Songbird-From: ietf-dkim-bounces@mipassoc.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 9a2be21919e71dc6faef12b370c4ecf5
All the threat listed in the document require some sophistication on the part of the spammer. Would this mean the end of the "basement" spammer if widely deployed? I also see (not listed in the document) a long deployment time a threat. Notice that spammers were the first to jump on the SPF band-wagon and made their domains SPF compliant. Some people pointed to this as an SPF failure and asked themselves what the point was to deploy it. This caused the "garage" spammer to live on. Hopefully this document does not raise the question "What is the point of deployment?" but is used, in part, to show the hoops that spammers will have to jump through. Any time you make it more difficult (and therefore more costly) for a spammer to spam, you start to thin out the players. Just food for thought. Regards, Damon Sauer On 9/27/06, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > Well done to all concerned, esp. Jim of course! > S. > > rfc-editor@rfc-editor.org wrote: > > > > A new Request for Comments is now available in online RFC libraries. > > > > > > RFC 4686 > > > > Title: Analysis of Threats Motivating DomainKeys > > Identified Mail (DKIM) > > Author: J. Fenton > > Status: Informational > > Date: September 2006 > > Mailbox: fenton@cisco.com > > Pages: 29 > > Characters: 70382 > > Updates/Obsoletes/SeeAlso: None > > > > I-D Tag: draft-ietf-dkim-threats-03.txt > > > > URL: http://www.rfc-editor.org/rfc/rfc4686.txt > > > > This document provides an analysis of some threats against Internet > > mail that are intended to be addressed by signature-based mail > > authentication, in particular DomainKeys Identified Mail. It > > discusses the nature and location of the bad actors, what their > > capabilities are, and what they intend to accomplish via their > > attacks. This memo provides information for the Internet community. > > > > This document is a product of the Domain Keys Identified Mail > > Working Group of the IETF. > > > > > > INFORMATIONAL: This memo provides information for the Internet community. > > It does not specify an Internet standard of any kind. Distribution > > of this memo is unlimited. > > > > This announcement is sent to the IETF list and the RFC-DIST list. > > Requests to be added to or deleted from the IETF distribution list > > should be sent to IETF-REQUEST@IETF.ORG. Requests to be > > added to or deleted from the RFC-DIST distribution list should > > be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG. > > > > Details on obtaining RFCs via FTP or EMAIL may be obtained by sending > > an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body > > > > help: ways_to_get_rfcs. For example: > > > > To: rfc-info@RFC-EDITOR.ORG > > Subject: getting rfcs > > > > help: ways_to_get_rfcs > > > > Requests for special distribution should be addressed to either the > > author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG. Unless > > specifically noted otherwise on the RFC itself, all RFCs are for > > unlimited distribution. > > > > Submissions for Requests for Comments should be sent to > > RFC-EDITOR@RFC-EDITOR.ORG. Please consult RFC 2223, Instructions to RFC > > Authors, for further information. > > > > > > Joyce K. Reynolds and Sandy Ginoza > > USC/Information Sciences Institute > > > > ... > > > > > > > > _______________________________________________ > > IETF-Announce mailing list > > IETF-Announce@ietf.org > > https://www1.ietf.org/mailman/listinfo/ietf-announce > > _______________________________________________ > > NOTE WELL: This list operates according to > > http://mipassoc.org/dkim/ietf-list-rules.html > > > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html > _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
- [ietf-dkim] RFC 4686 on Analysis of Threats Motiv… rfc-editor
- Re: [ietf-dkim] RFC 4686 on Analysis of Threats M… Stephen Farrell
- Re: [ietf-dkim] RFC 4686 on Analysis of Threats M… Damon
- [ietf-dkim] Re: RFC 4686 on Analysis of Threats M… Frank Ellermann