On Sat, 2006-05-27 at 20:26 -0700, Dave Crocker wrote: > > > >> A verifier should not expect any parent domain to be authoritative > >> for what is a valid sub-domain email-address. > > > > No matter how many times you say this, it's still not true. > > indeed. which prompts the obvious question: why are folks pursuing this.
This was an attempt to discuss the parent signing issue. It would be helpful to indicate specifics rather than arguing against the discussion. Steve Atkins raised the point that example co.uk does not currently implement DKIM as to why such concern is unrealistic. A financial incentive might change this assumption, when allowing any parent to validate the email-addresses of any sub-domain "as-if" authoritative. In addition to being at the pinnacle of trust for domain delegations, without any change in domain delegation, this entity would find themselves at the pinnacle of trust for email-addresses as well. Dave, from your response, are you suggesting that ggTLD, ccTLD, SLD, operators should be considered authoritative for all email-addresses within their domain? Or are you suggesting these operations should be precluded from publishing DKIM keys? John Levine takes the position this is a contractual issue, presumably between the regulatory bodies and the domain service operators. John, are you suggesting all future contracts should include a ban on publishing DKIM keys at these levels? Proponents desire key publishing simplification by employing what is often an unrealistic mandate. Most would regard this mandate absurd when viewed from the perspective their TLD provider. This provider is now authoritative for whether an email-address within their domain is valid? The legal and possible security issues trump a publishing simplification. The assertion any parent is _always_ authoritative (without any confirmation) for any sub-domain email-address, together with a lack of any existing contractual obligations for domain operators, may mean once a DKIM key is publish at a very high level, this key will be targeted for attack. Once one such key is compromised, the entire domain is compromised. One key failure causing a compromise cascade for all sub-domains seems like a very poor design choice. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
