Re: [ietf-dkim] A more fundamental SSP axiom

Damon <deepvoice@gmail.com> Wed, 02 August 2006 21:24 UTC

Message-ID: <62146370608021422m4f20971dhd8dddd42ba822aca@mail.gmail.com>
Date: Wed, 02 Aug 2006 17:22:44 -0400
From: Damon <deepvoice@gmail.com>
To: John L <johnl@iecc.com>
Subject: Re: [ietf-dkim] A more fundamental SSP axiom
In-Reply-To: <20060802165510.X1168@simone.iecc.com>
MIME-Version: 1.0
References: <20060802002353.U59653@simone.iecc.com> <44D0E259.7040400@mtcc.com> <20060802165510.X1168@simone.iecc.com>
Cc: DKIM List <ietf-dkim@mipassoc.org>

Ok.

 Here is a scenario:

 I send a signed message somewhere.

To me, it's that simple.

IMHO this works: (some of which flies in the face of the scope - I know -
don't care)
- One signature per message.
- Authentication happens in the SMTP process or a process that knows
everything about the message that the MTA knows about it.
- Relays must not sign messages if the messages have already been signed
unless the content has changed (that makes it a new message, right?)
- Let the admins figure out what level the RSA is at. I think they know
better than we do about how to get their mail from place to place. If they
set it too high... reject it! Why is that so hard?
- If the sig is broken, the email is broken, period. Whose bright idea was
it to forgive broken sigs?!
- SSL is what DKIM *should* be. It is the heart and soul of it.

This doesn't work:
"I sign sometimes" - This seemed like a joke to me. What is the point if you
can't tell the user if your mail will be signed by you and when it will be
signed? - Will work by putting in FQDNs or CIDRs in the SIG line and using
your MTA or MTA data aware process to check it against the sending IP.
"I sign always" - Unless you are draconian, this will not work for you and
you will have to use 'I sign sometimes or never' and that... well...
currently is useless.


What did I miss?


Regards,
Damon Sauer





On 8/2/06, John L <johnl@iecc.com> wrote:
>
> > I think a more fundamental question is who the consumers of SSP information
> > are.  I think that everybody agrees that DKIM receivers are an important
> > constituent, but are they the only ones? It doesn't seem very hard to
> > envision other consumers.
>
> Usage scenarios would be very helpful.  As Dave noted, if people can throw
> stuff into a protocol because it might be useful for something nobody
> actually plans to do, you end up with terminal bloat.
>
> R's,
> John
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
>
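
The receiver-side checks listed in the message above (one signature, a broken signature rejects, sending IP matched against networks named in the signature), as an added sketch that is not part of the original post or of any DKIM specification. The `x_cidr` tag, its comma-separated format, and the function names are hypothetical; cryptographic verification is assumed to be done by the MTA's DKIM library and passed in as `sig_valid`.

```python
import ipaddress

# Constructed sample signature header value; x_cidr is a hypothetical tag.
SAMPLE_SIG = ("v=1; a=rsa-sha256; d=example.com; s=sel1; "
              "x_cidr=192.0.2.0/24, 2001:db8::/32; "
              "h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER")

def parse_tag_list(value):
    """Parse a 'tag=value; tag=value' list into a dict, rejecting duplicates."""
    tags = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, val = part.partition("=")
        name = name.strip()
        if not sep or not name or name in tags:
            raise ValueError(f"malformed or duplicate tag: {part!r}")
        tags[name] = "".join(val.split())  # whitespace in values is not significant
    return tags

def check_message(signature_headers, sig_valid, sending_ip):
    """Apply the policy from the post. Returns (accept, reason)."""
    if len(signature_headers) != 1:
        return False, "expected exactly one signature"
    if not sig_valid:
        return False, "broken signature"
    try:
        tags = parse_tag_list(signature_headers[0])
        nets = [ipaddress.ip_network(n, strict=False)
                for n in tags.get("x_cidr", "").split(",") if n]
        ip = ipaddress.ip_address(sending_ip)
    except ValueError as exc:
        return False, f"unparseable input: {exc}"
    if not nets:
        return False, "no sender network list in signature"
    # Membership is False when the address families differ (IPv4 vs IPv6).
    if any(ip in net for net in nets):
        return True, "ok"
    return False, "sending IP not in signed network list"

if __name__ == "__main__":
    for ip in ("192.0.2.25", "198.51.100.7", "2001:db8::1"):
        print(ip, check_message([SAMPLE_SIG], True, ip))
```
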