
DKIM Author Domain Signing Practices (ADSP) Security Issues
draft-otis-dkim-adsp-sec-issues-03

Document type: Expired Internet-Draft (individual)
Status: Expired & archived
Author: Douglas Otis
Last updated: 2008-09-30
RFC stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor note: (None)
IESG state: Expired
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.

Abstract

The proposed [I-D.ietf-dkim-ssp] defines DNS records that advertise the extent to which a domain employs [RFC4871] to sign [RFC2822] messages, and defines how other hosts can access these advertisements. Its laudable goal is to allow domains control over the use of the From header field. When a message is not adequately signed, advertised assertions, referenced by a domain in the From header field, assist in resolving the message's intended disposition.

Rather than dealing with keys that impose a restriction on the "on-behalf-of" identity as a separate security consideration to be handled independently from an assertion that a domain signs its messages, [I-D.ietf-dkim-ssp] instead employs a flawed two-stage signature validation process that works in conjunction with advertised practices. The two-stage approach will most likely occur after message acceptance, and impairs the range of authentication assertions permitted by a single signature. The limitations on authentication assertions inhibit tactics needed to deal with replay abuse. As currently structured, advertised practices not only assert whether a signature should be expected; they also constrain the "on-behalf-of" identity applied by signing agents that are not otherwise so restricted by [RFC4871]. By constraining the "on-behalf-of" identity for all signing agents, the draft neglects the predominant role of the domain as a point of trust, and incorrectly assumes the signature is limited to supporting assertions regarding the identity of the author. By limiting the DKIM signature's "on-behalf-of" value to being representative of only the message's author, the draft goes well beyond the working group's charter and appears to infringe on the roles of S/MIME and OpenPGP. [I-D.ietf-dkim-ssp] impairs security in other ways as well; for example, the only directly actionable practice is defined using a term likely to negatively impact the integrity of delivery status.

Fortunately, minor changes to the definition of a compliant signature can remedy the impairment created, where the critical security issues are best handled independently of any [I-D.ietf-dkim-ssp] assertion.
