In message <bb288a78-c7b4-4455-b9d5-fbc2e73d8...@fahq2.com>, Larry M. Smith <ietf....@fahq2.com> writes

>Experience has shown that threat actors are willing to go to great
>lengths to have access to a large pool of resources to abuse and then
>rapidly discard.[1] Knowing what object to apply poor reputation to for
>the last event often doesn't help for future ones.

Indeed so, but reputation systems (because once again to state the obvious, protocols cannot prevent bad email, but they can provide tools for handling it efficiently) may take the view that a brand-new identity that has acted as an intermediary to alter some email is not especially trustworthy...

... mailing lists, alumni-forwarders and the like tend to handle lots of email destined for your mailboxes, so they have a reputation that allows you to view their mail more favourably than mail from an entity you know nothing of.

Viz: there is considerable scope for building reputation on top of DKIM2, and one of our documents should explain this.

>Additionally, I do
>not expect that end users to be able to identify the problems
>themselves, not trust that they would be able to identify it before harm
>has been done.
>
>One of the goals of DMARC was "Anti-Phishing", but if DKIM2 allows for
>hijacking of messages in flight, and a reuse of authenticated emails,
>then I would suggest that there exists significant motivation for
>miscreants to abuse this feature.

DKIM2 does not "allow for hijacking" any more or less than is the case for existing mail flows. The difference is that some legitimate mail flows (mailing lists for example) are currently unable to document what changes they have made and you have to take what they give you on trust. DKIM2 also requires trust, but you get to verify as well.

-- 
richard Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
Benjamin Franklin 11 Nov 1755

_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org