dkim-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [dkim-dev] DomainKeys vs DKIM: Identifying the Sending Domain

2007-05-04 15:50:50
from [Murray S. Kucherawy] [Permanent Link] 
On Fri, 4 May 2007, Douglas Otis wrote:
No sender assurances exist to safely permit an inference that a specific email-address is genuine when matched against the signing domain. That is an opaque function of the signing domain.
If I get mail which was signed by example.com, the signature verifies, and the From: contains an example.com address, on what grounds other than arbitrary ones would I distrust the contents of the From: header?
Certainly someone could've hacked example.com's machines or found a way to generate mail that they will sign, but that doesn't change what you can infer from DKIM. If I'm willing to trust that their machines are safe, my assertion is sound. 

-MSK
_______________________________________________
dkim-dev mailing list
dkim-dev(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-dev
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [dkim-dev] DomainKeys vs DKIM: Identifying the Sending Domain, Murray S. Kucherawy
Next by Date:  Re: [dkim-dev] DomainKeys vs DKIM: Identifying the Sending Domain, Murray S. Kucherawy
Previous by Thread:  Re: [dkim-dev] DomainKeys vs DKIM: Identifying the Sending Domain, Murray S. Kucherawy
Next by Thread:  Re: [dkim-dev] DomainKeys vs DKIM: Identifying the Sending Domain, Murray S. Kucherawy
Indexes:  [Date] [Thread] [Top] [All Lists]