John, I think what you wrote is concise and compelling. As you say, not exactly a threat analysis, but I imagine it could go there.

Eliot

John Levine wrote:
> Here's a short list of what I think DKIM tries to accomplish, with the
> threat being what happens when it's not accomplished. Please note
> that I use terms like "sender" in a general sense.
>
> 1. DKIM makes it easier to detect sender forgery. The three important
> kinds of forgery are:
>
> * Pretending to be someone with a good or neutral reputation to avoid
> recognition as someone with a bad reputation (spam)
>
> * Pretending to be someone with a good reputation to take advantage of
> that reputation (phish)
>
> * Pretending to be someone with a good reputation to send material
> intended to damage that reputation (joe job)
>
> There are other forgery scenarios possible, but these are the ones I
> see every day and the ones that seem important to deal with.
>
> 2. DKIM avoids depending on endpoints. That is not to say it can't
> be done at endpoints, but its design is tuned to work on mail servers.
> The reasons are that endpoints are hard to set up (because there are
> so many of them, and they're unmanaged) and usually insecure.
>
> 3. DKIM matches the ways that mail is sent and received. ISPs can do
> DKIM for their users, list management software can do DKIM on mailing
> lists, common kinds of forwarding work, etc.
>
> R's,
> John
>
> _______________________________________________
> ietf-dkim mailing list
> [email protected]
> http://mipassoc.org/mailman/listinfo/ietf-dkim

_______________________________________________
ietf-dkim mailing list
<http://dkim.org>
