On Sep 6, 2006, at 4:38 PM, Wietse Venema wrote:
Jim Fenton:
The aspect of user-level SSP that concerns me equally is the
transaction load. When user-level SSP is "turned on", the
verifier MUST query for a user-level record in addition to the
domain-level record. User-level queries are not as effectively
cached, since these are queries for individual addresses, not
domains.
Could someone please explain the nature of the problem that would
exist when these (financial) institutions can't selectively add
DKIM signatures to outbound email? Engineering is about balance,
but I haven't heard enough to make the trade off yet.
An institution that signs all their messages may wish to restrict
which messages are seen by recipients as being annotated with added
assurances. (A gold star next to the email-address perhaps.) Not all
messages being signed are equally vetted, and not all are equally
trustworthy. The desire is to limit assurances automatically placed
upon their messages to that of a select few. The identifier commonly
communicated is that of an email-address, which is a natural means to
differentiate messages.
With per-user records in the DNS, should we not be worried about
brute-force attacks to guess email addresses?
Why? The signature must be valid and the email-address must be
assured to be valid. How is the email-address susceptible?
I'm also worried about the implied requirement that a DKIM verifier
would have to do SSP lookups even when a valid first-hand DKIM
signature exists.
The envisioned means of applying protection depends upon the email-
address first being recognized. Only in those cases, might there be
any need for any additional transactions.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
