On Thu, Feb 16, 2023 at 12:57 PM Barry Leiba <[email protected]> wrote:
> >> Okay. What's the value for X - T that prevents this problem, but
> >> doesn't cause DKIM signatures of "normal" mail to fail?
> >
> > There's not one "right" value; we're talking about distributions
> > of timings for normal mail vs. replay, and yes, there's some
> > overlap there. In practice I've seen many signers choose
> > expirations in the range of 1hr to a few days. 1hr can be very
> > good at limiting the opportunity for high volume replay, but I
> > estimate "normal" signature breakage at that level is on the
> > order of 0.1%. 24hr is probably effectively zero breakage, but
> > with greater opportunity for replay.
>
> I think you're way off on these numbers, especially for the 1-hour
> case. While normal circumstances get mail delivery in less than an
> hour, I have seen *many* cases of legitimate mail delayed by hours --
> sometimes quite a few hours. I would consider anything less than two
> days to be unacceptable, and with that sort of gap you don't do much
> to prevent a spam blast.

Ok, this is an estimate based on a subset of our delivery data, and you
have a point that some senders/signers are going to deliver much slower
than we do. I'm certainly not globally authoritative on that. 1hr is at
the very low end of the scale, only appropriate in narrow, specific
circumstances. I think you're right that 2+ days is the right range for
most mail.
_______________________________________________
Ietf-dkim mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-dkim
