On Sat, 2006-08-26 at 14:54 +0200, Frank Ellermann wrote:
> Stephen Farrell wrote:
>
> > But yet again, each form of delegation has its issues.
>
> Right, but those forms where the delegator can delegate
> without prior and explicit consent of the delegatee are
> beyond my no-nonsense limit. Ideally "explicit" should
> allow receivers to verify this.
>
> If an ISP uses a "we sign everything" strategy, and many
> customers belong to botnets, then a "bad actor" could
> register eboy (with an "O"), delegate eboy-signing to this
> ISP unilaterally, and phish using his zombies with accounts
> at this ISP. SSP shouldn't allow this by design.

A bad actor can register look-alike domains and add their own DKIM
signature sent through any number of providers. Designation does not
make this problem worse. With the entire email-address being
internationalized, a problem of visual recognition must be handled
through other strategies.

Imagine the MUA has several types of annotations added to messages with
DKIM's wonderful valid 2822.From address:

 - In Address Book
 - Matching Address/Signature Domains
 - Certified by

Look-alikes might be handled by annotating messages with valid addresses
found in the address book. Adding this mechanism allows the MUA to
safely recognize correspondents, independently from the domain that was
used to sign the message and still avoid the look-alike issue.

There can be different annotations that indicate when the signing domain
and the email-address domain match. An organization finding themselves
the subject of phish attacks should take this extra precaution. Perhaps
policy adds a certification vector as well.

Designations help the small outfit. Why deal with the negotiations and
specialized services? There can still be safe annotation. It might not
look as impressive as that seen with the bigger outfits.

-Doug

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
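
The first two annotations listed in the message above, sketched as an added example that is not part of the original post or of any DKIM implementation. It assumes the signature was already verified by a real DKIM verifier (passed in as `signature_valid`); the function names, addresses and `.example` domains are constructed for illustration, and domains are compared by exact match only.

```python
from email import message_from_string
from email.utils import parseaddr

def signing_domain(dkim_header):
    """Return the d= tag of a DKIM-Signature header value, lowercased."""
    tags = {}
    for part in dkim_header.split(";"):
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(value.split())  # drop folding whitespace
    return tags.get("d", "").lower()

def annotate(raw_message, address_book, signature_valid):
    """Annotations an MUA could display for one message (hypothetical helper)."""
    msg = message_from_string(raw_message)
    addr = parseaddr(msg.get("From", ""))[1].lower()
    if not signature_valid or not addr:
        return []  # without a valid signature nothing is asserted
    notes = []
    if addr in address_book:
        notes.append("In Address Book")
    if signing_domain(msg.get("DKIM-Signature", "")) == addr.rpartition("@")[2]:
        notes.append("Matching Address/Signature Domains")
    return notes

# Constructed sample data: a known correspondent signed by a designated
# provider, and a look-alike domain that signs its own mail.
ADDRESS_BOOK = {"friend@smalloutfit.example"}
DESIGNATED = (
    "From: Friend <friend@smalloutfit.example>\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=isp.example; s=s1;\n"
    " b=constructed\n\nhello\n"
)
LOOKALIKE = (
    "From: Service <service@eboy.example>\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=eboy.example; s=s1;\n"
    " b=constructed\n\nhello\n"
)

if __name__ == "__main__":
    for name, raw in (("designated", DESIGNATED), ("look-alike", LOOKALIKE)):
        print(name, annotate(raw, ADDRESS_BOOK, signature_valid=True))
```

The look-alike earns only the domain-match annotation, while the address-book annotation follows the known correspondent regardless of which domain signed.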
