Thomas, I think what needs to be highlighted is that when it comes to phishing, the bad actor would have to phish both the policy domain (author) and the signing domain.

The bad guy can't use the real domain in either entity since both methods will be able to detect an error. However, in a DKIM-BASE only environment, since the mandate is to ignore all signature failures as if the message was never signed, the bad guy doesn't have to phish the signing domain. He can just target the apathetic "cry wolf" systems that ignore errors. This has a risk of getting through to the end user.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com

----- Original Message -----
From: "Thomas A. Fine" <[EMAIL PROTECTED]>
To: <[email protected]>; <[email protected]>
Sent: Tuesday, September 12, 2006 12:41 PM
Subject: Re: [ietf-dkim] SSP = FAILURE DETECTION

>> SSP has an advantage when we assume that criminals are
>> stupid enough to keep sending forged mail. It has no
>> advantage with look-alike attacks. Guess what criminals
>> will do.
>
> Without SSP, users have two opportunities for making mistakes in
> verifying their mail. They can fail to notice that it is unsigned,
> or they can fail to notice that it is from a wrong domain.
>
> With SSP, users only have to look for the wrong domain, because
> they should never see the unsigned mail.
>
> Maybe someone who's an expert in human factors can relate this to
> statistical decrease in errors by the user. My feeling is that
> the less a user has to worry about, the more likely they are going
> to successfully examine their message and determine its origin.
>
> tom
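The verifier behaviour the thread argues about, written out as an added toy model (example code, not from the list or from any DKIM implementation): "DKIM-base" treats a failed signature exactly like no signature, while the SSP variant also checks an unsigned or third-party-signed message against the author domain's published policy. The policy table, the domain names and the "all" policy label are constructed simplifications, not real SSP syntax.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Message:
    author_domain: str                 # domain of the From: header (policy domain)
    signing_domain: Optional[str]      # d= of the DKIM signature, None if unsigned
    signature_valid: bool              # result of cryptographic verification

# Constructed sample policy table. "all" is a hypothetical label meaning
# "every message from this domain carries a valid signature from this domain";
# "unknown" means the domain publishes no statement.
POLICIES = {"bank.example": "all", "news.example": "unknown"}

def dkim_base(msg: Message) -> str:
    """DKIM-base: a failed or missing signature is simply 'unsigned' and is
    handed on to the user; no policy is consulted (the 'cry wolf' behaviour)."""
    if msg.signing_domain and msg.signature_valid:
        return "signed-by:" + msg.signing_domain
    return "unsigned"

def with_ssp(msg: Message, policies=POLICIES) -> str:
    """SSP on top of DKIM-base: an author domain with policy 'all' must be
    covered by a valid first-party signature, so forging it requires beating
    both the policy domain and the signing domain."""
    base = dkim_base(msg)
    policy = policies.get(msg.author_domain, "unknown")
    if policy != "all":
        return base                           # no policy, nothing more to check
    if base == "unsigned":
        return "reject:policy-requires-signature"
    if msg.signing_domain != msg.author_domain:
        return "reject:third-party-signature"
    return base

# Constructed scenarios from the thread: forged From with no signature, forged
# From with a broken first-party signature, forged From with a valid signature
# from the attacker's own domain, and a look-alike domain (no policy at all).
SCENARIOS = {
    "forged_unsigned":   Message("bank.example", None, False),
    "forged_broken_sig": Message("bank.example", "bank.example", False),
    "forged_third_sig":  Message("bank.example", "phisher.example", True),
    "look_alike":        Message("bank-secure.example", None, False),
}

def compare(name: str) -> tuple:
    """Return (DKIM-base verdict, SSP verdict) for a named scenario."""
    msg = SCENARIOS[name]
    return dkim_base(msg), with_ssp(msg)
```

Only the look-alike case reaches the user under both models, which is exactly the limit Tom's quoted text concedes.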
