IETF Logo Mail Archive

Re: [ietf-dkim] A more fundamental SSP axiom

Michael Thomas <mike@mtcc.com> Fri, 04 August 2006 16:26 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G92Vc-0005EV-Va for ietf-dkim-archive@lists.ietf.org; Fri, 04 Aug 2006 12:26:48 -0400
Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G92Pf-00019s-2u for ietf-dkim-archive@lists.ietf.org; Fri, 04 Aug 2006 12:20:41 -0400
Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k74GJluc011761; Fri, 4 Aug 2006 09:19:47 -0700
Received: from fasolt.mtcc.com (adsl-216-102-208-10.dsl.snfc21.pacbell.net [216.102.208.10]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k74GJeYi011735 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-dkim@mipassoc.org>; Fri, 4 Aug 2006 09:19:41 -0700
DKIM-Signature: v=0.4; a=rsa-sha256; q=dns/txt; l=1915; t=1154708349; x=11 55572349; c=relaxed/simple; s=dicks.drop.kirkwood; h=Content-Type:From:Subj ect:Content-Transfer-Encoding:MIME-Version; d=mtcc.com; i=mike@mtcc.com; z= From:=20Michael=20Thomas=20<mike@mtcc.com>|Subject:=20Re=3A=20[ietf-dkim]=2 0A=20more=20fundamental=20SSP=20axiom|Sender:=20|To:=20John=20L=20<johnl@ie cc.com>|Cc:=20DKIM=20List=20<ietf-dkim@mipassoc.org>|Content-Transfer-Encod ing:=207bit|MIME-Version:=201.0|Content-Type:=20text/plain=3B=20charset=3DI SO-8859-1=3B=20format=3Dflowe d; bh=C29qh5Q/+vN3dM6L3TKhwIy2CH0XYUzg8x/qtf6SFPw=; b=SZh7MvK9p2egFcJQPf8VREreHdsxy0EmJptmnqmsXFlirQox7gH9jSHgcB2/dWjY8DVBb25p Uw+E/BCN3pgizq18zsBmAloUzzD03rt2Xd7zf3bb9o1tcQj5zdVi/8FI;
DKIM-Signature: a=rsa-sha1; q=dns; l=1915; t=1154708349; x=1155572349; c=r elaxed/simple; s=dicks.drop.kirkwood; h=Content-Type:From:Subject:Content-T ransfer-Encoding:MIME-Version; d=mtcc.com; i=mike@mtcc.com; z=From:Michael= 20Thomas=20<mike@mtcc.com>|Subject:Re=3A=20[ietf-dkim]=20A=20more=20fundame ntal=20SSP=20axiom|Sender:|To:John=20L=20<johnl@iecc.com>|Cc:DKIM=20List=20 <ietf-dkim@mipassoc.org>|Content-Transfer-Encoding:7bit|MIME-Version:1.0|Co ntent-Type:text/plain=3B=20charset=3DISO-8859-1=3B=20format=3Dflowe d; X=v=3Dcisco.com=3B=20h=3DTHgzsy76Cqx29/einu/PnNiEwmM=3D; b=pa9g8EUTTkYSaT9ajx8S0r2Fn+BPOpAvO/isoLhSwyXigej15Pr5wPVlnpocHJ+S0Sm+egPm /G7FPWR6MMofG+wxq+ZJKBlDJMq02RTzaf6X9qa3JR3vtUc9x1m8swpN;
Received: from [216.102.208.13] (sj-natpool-220.cisco.com [128.107.248.220]) (authenticated bits=0) by fasolt.mtcc.com (8.13.6/8.13.1) with ESMTP id k74GJ8WX015650 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 4 Aug 2006 09:19:09 -0700
Message-ID: <44D37376.4020408@mtcc.com>
Date: Fri, 04 Aug 2006 09:19:02 -0700
From: Michael Thomas <mike@mtcc.com>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; rv:1.7.3) Gecko/20040913 Thunderbird/0.8 Mnenhy/0.7.2.0
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: John L <johnl@iecc.com>
Subject: Re: [ietf-dkim] A more fundamental SSP axiom
References: <20060802002353.U59653@simone.iecc.com> <44D0E259.7040400@mtcc.com> <20060802165510.X1168@simone.iecc.com> <44D160BD.7080209@mtcc.com> <20060802223619.E86316@simone.iecc.com> <44D24A20.6050109@mtcc.com> <20060803153457.X33570@simone.iecc.com> <44D36203.2060803@mtcc.com> <20060804112731.I21459@simone.iecc.com> <44D36B4A.2050903@mtcc.com> <20060804114527.Y27352@simone.iecc.com>
In-Reply-To: <20060804114527.Y27352@simone.iecc.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Authentication-Results: fasolt.mtcc.com; header.From=mike@mtcc.com; dkim=pass ( sig from mtcc.com/dicks.drop.kirkwood verified; ); header.From=mike@mtcc.com; dkim=pass ( sig from mtcc.com/dicks.drop.kirkwood verified; );
X-XIPE-SCORES: dispose=pass; ACD=1.00; CLAM=0.00; COMPLY=0.00; URL=0.00; SA=0.00; HONEY=0.00;
X-Songbird: Clean, Clean
Cc: DKIM List <ietf-dkim@mipassoc.org>
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Sender: ietf-dkim-bounces@mipassoc.org
Errors-To: ietf-dkim-bounces@mipassoc.org
X-SongbirdInformation: support@songbird.com for more information
X-Songbird-From: ietf-dkim-bounces@mipassoc.org
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002

John L wrote:

>>> I don't see the point.  That last suggestion is, to the recipient, 
>>> the equivalent of a useless "I sign some mail" since you're telling 
>>> the recipient it's OK to accept some amount of both signed and 
>>> unsigned mail.
>>
>
>> For us, the amount of mail that is in the false positive quandry is 
>> really really small, though the people it would effect primiarly are 
>> people who could make it a living hell in IT. A policy which is more 
>> relaxed could, however, say that it's well worth the effort be 
>> extremely cautious about such mail -- a far higher barrier to entry 
>> than the current one-size-fits-all filters.
>
>
> But you're talking about your own mail here, for which I expect that 
> you have all sorts of special treatment.


No, I'm concerned about how others will treat it. I don't have to publish a
policy to differentially treat that mail for myself.

>
> I'm trying to think about what I'll do when DKIM is in wide use, I get 
> mail from thousands of sources that publish SSP info.  If SSP says "I 
> sign everything" I have trouble figuring a use for it other than a 
> flat reject of unsigned messages or at least 4.9 points in a five 
> point scoring spam filter.


That's the problem: if you do that, domains like Cisco -- or anybody else
who uses mailing lists -- will *never* publish a "we sign everything" policy
even though we do. I hardly think that Cisco is a outlier here, and in fact
I expect that we'd be pretty similar to just about any medium to large
sized business.

>   I REALLY do not want an SSP that says "I sign everything, and here 
> is my estimate on a 0 to 10 scale of how much you should care."

I assume that you'd complain if it boiled down to a single bit?

0: "mail from this domain may transit manglers, adjust accordingly"
1: "the signature should always be intact"

       Mike
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

v2.23.0 | Report a Bug | By Email