Note: I'm still trying to catch up with the previous traffic, but there's so much of it (and so much irrelevant material) that it's taking a while to do so. The fact that the gzip'ed archives are (a) incompete and (b) not in RFC[2]822 format doesn't help.
Meanwhile, one thing I've noticed about everything I've seen so far that purports to be a threat analysis is that they are trying to define the threats in terms of the proposed solution. That's backwards. What you need to do is explain what the real problem you are trying to solve is, and then explain the degree to which DKIM does or does not solve that problem. Saying (in effect) that the problem you are trying to solve is to give people DKIM, and that DKIM solves the DKIM problem, is not helpful. I believe the problem that most of us are trying to solve is to reduce the burden of undesirable mail on recipients and on the mail system, without adversely affecting the ability of the mail system to carry desirable mail. There are several kinds of undesirable mail, including forged content, unauthorized (re)transmissions of authentic content, unwanted advertising, and content which harms the recipient's system (e.g. mail viruses). There is some overlap between these categories. I believe that most of us who are interested in working on DKIM are doing so because we believe that DKIM will address this problem, or part of this problem. But it's important to understand, describe, and examine which pieces of this problem we believe will be addressed by DKIM, and which are not, so that we will then be in a position to (a) suggest additional work and how it might interface with DKIM, and/or (b) suggest how DKIM might be tweaked to better address that problem or a well-understood part of that problem. This effort is necessary both so that DKIM can target its energies in a useful direction and so that we will understand what is reasonably in-scope for a DKIM WG and what is out-of-scope and should be done elsewhere. We also need to state our assumptions. For instance, it's widely assumed that because much unwanted advertising today is forged content and/or transmitted by unauthorized means, that an authentication system that ameliorates one or both of these will reduce the amount of unwanted advertising. However, this does not follow, and there is good reason to believe that the amount of unwanted advertising will actually increase under these conditions. We could discourage one set of bad actors only to make conditions more favorable for another, much larger, set. It is unwise to take it as an axiom, or a matter of faith, that any kind of authentication is a good thing. We have seen several examples of authentication systems, both inside and outside of the email world, that turned out to be a poor fit for many of the authentication problems that people needed to solve. _______________________________________________ ietf-dkim mailing list [email protected] http://mipassoc.org/mailman/listinfo/ietf-dkim
