[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using DK/IIM [was: Re: So here it is one year later...]

To: Hector Santos <hsantos@xxxxxxxxxxxxxx>
Subject: Re: Using DK/IIM [was: Re: So here it is one year later...]
From: Jim Fenton <fenton@xxxxxxxxx>
Date: Tue, 01 Feb 2005 16:35:08 -0800
Cc: IETF MARID WG <ietf-mxcomp@xxxxxxx>, ietf-mailsig@xxxxxxx
Iim-sig: v:"1.1"; h:"imail.cisco.com"; d:"cisco.com"; z:"home"; m:"krs"; t:"1107304254.233836"; x:"432200"; a:"rsa-sha1"; b:"nofws:2064"; e:"Iw=="; n:"sQYarK2E51MdcTiUqeif3F7cWdxIfoCiXhdfb9vD5ee/j0jXL15gbFxF2p" "XIweAblu0N6XAgK7k+wrbr7bQDJaCDqOmzqpRUBjIRQAXQ7NzadpmR3pUL6wxaRUtW+c43sl9jC" "50Qg1sXHpPjt8Y+Y16ioyQAQAdSunM4YhevURc="; s:"OtSIayfn3ejlVdDBXkImC+7tWviLoD2wN6HBlyofUHTezXKDxNoznNjNxsHSgCuFyjFcs/jU" "Fp3/n3NhzFdh8mMCvHIprbJnanGtnBOQ5+eT/sbAsT9IYI8mFojeE/uPRZT6QPUIjUlqsjr5fw0" "7xrzdVv3eoWMqn2bdmn49b9A="; c:"Date: Tue, 01 Feb 2005 16:35:08 -0800"; c:"From: Jim Fenton <fenton@cisco.com>"; c:"Subject: Re: Using DK/IIM [was: Re: So here it is one year later...]"
Iim-verify: s:"y"; v:"y"; r:"60"; h:"imail.cisco.com"; c:"message from imail.cisco.com verified; "
In-reply-to: <014601c50893$6331a5e0$6401a8c0@hdev1>
List-archive: <http://www.imc.org/ietf-mailsig/mail-archive/>
List-id: <ietf-mailsig.imc.org>
List-unsubscribe: <mailto:ietf-mailsig-request@imc.org?body=unsubscribe>
References: <C6DDA43B91BFDA49AA2F1E473732113E010BEF8B@mou1wnexm05.vcorp.ad.vrsn.com> <x4oef58mwk.fsf@footbone.schlitt.net> <41FE92AD.5090501@cisco.com> <000d01c507dd$0c861d90$6401a8c0@hdev1> <41FFC2EC.7010703@cisco.com> <014601c50893$6331a5e0$6401a8c0@hdev1>
Sender: owner-ietf-mailsig@xxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

This is almost entirely about message signing, so I'm going to at least copy ietf-mailsig, and we should probably move this thread off ietf-mxcomp.

Hector Santos wrote:

Jim, these are legit questions:

1) Who is the signer? MUA or MSA?

MUA, MSA, or some other MTA along the way.

2) How should a MDA handle the following:

What the recipient does with the results of message signing are really up to him/her, but here is what I would probably do:

2a) A domain with DK/IIM published information but a non-DK/IIM payload?

If by "published information" you mean that the domain has published a policy that it signs all messages, then an unsigned message should at the very least be considered very suspect. I would probably just put it in the "spam folder".

2b) A non-DK/IIM domain?

Do what you do today.

2c) Broken DK/IIM message?

Same as an unsigned message. It will be trivial for attackers to create "broken" messages, so a broken signature is really not an indication of anything.

3) What is the role of the intermediatary router MTA?

If it's just providing a message routing function, it does not need to be signature-aware. If it is manipulating the message, it may need to verify and re-sign the message.

4) What is the relationship of the transport parameters; IP, HELO, MAILFROM and RCPTO with a DK/IIM ready payload? What upfront logic can be used?

No relationship. DK/IIM deal only with the payload, and not SMTP itself (unlike the first revision of IIM which used MAILFROM).

5) Since a MDA requires to view the PAYLOAD to validate the DK/IIM, what is the policy for POST-SMTP failed DK/IIM results?

The policy I use is to color code the messages in my MUA using a filter that looks at the authentication results header.

6) Finally, how should gateway transformation systems handle DK/IIM payloads
which may get stripped.  For example, a console based mail system only needs
two parts:

The main headers:

    From:
    To:
    Subject:
    Date:

and the body:

text body

It could do any number of things, like modify the subject line (much as I hate this) or put a warning line at the beginning of the body.

6a) How does this change the mail reader, online and offline? For example, should the presentation software display some "Red Warning Icon" suggesting "Possible Invalid Message?"

That would be nice, when we can get it. For now, I'm happy with coloring the summary line in my MUA, but I suspect that MUAs will come along that can do much more.

-Jim

Prev by Date: Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages
Previous by thread: MASS Security Review document
Index(es):
- Date
- Thread