On Sat, Oct 16, 2010 at 12:10:48AM -0400, Dave CROCKER allegedly wrote: > > > On 10/15/2010 8:32 PM, Mark Delany wrote: > > Therefore one could > > argue that DKIM is "protecting" that relationship between the message > > and identifier. > > Clever phrasing. Might be too subtle for general use, but I think it offers > a > perspective that could be useful. > > I think the issue here is that when people talk about protecting a message, > they > tend to have in mind all sorts of attacks designed to trick users. DKIM > actually does not have much to say about such things. > > Yes, it ties an identifier to a bag of bits, and yes it specifies what those > bits are, but it really does deal only with those bits and not (necessarily) > the > entire message.
I have a problem with this approach and I don't pretend to know the right answer. My problem is that if some valuable domain like paypal sends me a bunch of bits that I or my MUA or my MTA ties to paypal.com then the end goal of DKIM is, IMO, that those bunch of bits I "see" are the ones that paypal sent. No more, no less. To murder another idiom: "What you see is what they sent" is I believe the ultimate goal of DKIM. Or, "what you complain about is what they sent". Whatever. So anything that circumvents "what you see is what they sent" I think is in scope for DKIM to eliminate or mitigate. Is that requirement solved in the verification protocol of DKIM or is that solved in advice to MTAs/MUAs? I don't know. But I am sure that if we don't end up with that guarantee, then I do wonder what we are offering. Mark. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
