Comment 22 for bug 316272

Martin Pool (mbp) wrote : Re: [Bug 316272] Re: launchpad should verify gmail or DomainKeys authenticators

On 17 June 2010 22:19, Gavin Panella <email address hidden> wrote:
>> From header validity isn't assured by DKIM. What other basis for
>> this assurance do you have?

Scott, I want to assume good faith but that statement is so terse that
it is likely to mislead people.

What I think Scott means is that DKIM does not guarantee the From
header is "true". (Note that DKIM requires the From header be
signed.) It can give us good assurance that example.com asserted that
a particular message left example.com with a particular From header,
and that the header was not modified in transit.

If we have a message From example.com and signed by example.com then either:

1- it actually did come from the purported user and we can trust it
2- example.com is an open relay that will sign and forward messages
from anyone who cares to pretend to be in example.com
2a- as a special case, example.com is not a totally open relay but
will allow <email address hidden> to impersonate <email address hidden>

Are there other possibilities?

I'm sure there are domains in class 2, either intentionally or because
they've been compromised or because they're misconfigured. But we
already have to trust the user's email host to some extent and we rely
on them to choose one they feel is sufficiently safe.

It seems like a reasonable assumption that major providers will not be
in class 2. (Or at least not except for hopefully narrow windows of
brokenness.)

One can have a semi-philosophical discussion about whether "From: mbp"
really means from a particular human but for our purposes we assume
that if the user nominates an address for that account, it really is
them.

--
Martin
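
The check this comment reasons about (the From domain matches the signing domain, From is among the signed headers, and the signer is a domain assumed not to be in class 2), as an added example that is not part of the original comment or of Launchpad's code. `TRUSTED_SIGNERS`, the function names, the exact-match domain rule and the sample messages are assumptions made for illustration, and cryptographic verification of each signature is assumed to have been done already.

```python
from email import message_from_string
from email.utils import parseaddr

TRUSTED_SIGNERS = {"example.com"}  # assumption: domains believed not to be open signers

def dkim_tags(value):
    """Split a DKIM-Signature value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip()] = "".join(val.split())  # remove folding whitespace
    return tags

def from_vouched_by_signer(raw, trusted=TRUSTED_SIGNERS):
    """True only if a trusted domain signed the From header of its own address.

    Assumes every DKIM-Signature present has already passed cryptographic
    verification (DNS key lookup and hash checks are not done here).
    """
    msg = message_from_string(raw)
    from_headers = msg.get_all("From", [])
    if len(from_headers) != 1:  # extra From headers make "the" From ambiguous
        return False
    address = parseaddr(from_headers[0])[1].lower()
    if "@" not in address:
        return False
    from_domain = address.rsplit("@", 1)[1]
    for sig in msg.get_all("DKIM-Signature", []):
        tags = dkim_tags(sig)
        signed = tags.get("h", "").lower().split(":")
        signer = tags.get("d", "").lower()
        if "from" in signed and signer == from_domain and signer in trusted:
            return True
    return False

def sample(from_addr, signer, signed_headers="from:to:subject"):
    """Constructed test message; bh= and b= are placeholders, not real signatures."""
    return (
        f"DKIM-Signature: v=1; a=rsa-sha256; d={signer}; s=sel;\n"
        f" h={signed_headers}; bh=PLACEHOLDER; b=PLACEHOLDER\n"
        f"From: {from_addr}\nTo: bugs@tracker.invalid\nSubject: test\n\nbody\n"
    )

if __name__ == "__main__":
    print(from_vouched_by_signer(sample("Alice <alice@example.com>", "example.com")))
    print(from_vouched_by_signer(sample("alice@example.com", "relay.invalid")))
```

A `True` result still leaves cases 2 and 2a open for any domain placed in `TRUSTED_SIGNERS`; the set encodes the assumption that those domains do not sign for arbitrary senders.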