Earl Hood <[EMAIL PROTECTED]> writes:

> On October 29, 2005 at 06:44, Eric Rescorla wrote:
>
>> S 5:
>> One of the most fundamental bad acts being attempted is the delivery
>> of messages which are not authorized by the alleged originating
>> domain. As described above, these messages might merely be unwanted
>> by the recipient, or might be part of a confidence scheme or a
>> delivery vector for malware.
>>
>> This seems to me to be too concrete. At a meta-level, the bad
>> act being attempted is the delivery of messages which the receiver
>> doesn't want to see (see Section 2 again).
>
> Only the receiver knows what they want and do not want to see.
>
> The bad act is the deliberate deception by the sender upon the
> recipient to avoid accountability and/or obtain a false sense of
> trust in order to entice the recipient to perform actions based on
> that false trust.
>
> A spam message does not mean that any identities are being spoofed.

Exactly. But forgery is not a significant problem outside of the
spam/phishing context. And outside that context it's arguable that it
would be better dealt with with something like S/MIME.

>> But doesn't this effectively say "DKIM (or any sender signing scheme)
>> doesn't work against attacks that attempt to involve impersonating
>> a specific source address"? What class of specific impersonation
>> attacks does this technology actually work against in practice?
>
> "Exact" domain spoofing. I.e., there is a desire to at least deal
> with cases to avoid unauthorized use of an exact domain. Look-alike
> attacks are a much more difficult problem since human factors are
> more involved.

Right, but the important question is whether the benefit of reducing
exact domain spoofing is of much value.

-Ekr

_______________________________________________
ietf-dkim mailing list
http://dkim.org
