Re: [ietf-dkim] Not exactly not a threat analysis

ietf-dkim

Re: [ietf-dkim] Not exactly not a threat analysis

2005-08-15 13:25:26

On August 15, 2005 at 09:53, Douglas Otis wrote:

The term "responsible for the message" gives the impression of  
authorship.  How about "accountable for permitting the submission of  
the message (by an unknown author)"?


According to Webster, "responsible" and "accountable" are basically
interchangeable.

I think your second sentence hits a key point, "What form of
responsibility does a signer take when it signs a message?".  Is it
responsible for allowing the submission of the message?  Is it
responsible for the contents of the message?  Both?

Taking responsibility on the submission of a message is different
than responsibility of its contents.

BTW, as DKIM is currently defined, a DKIM signature may not be by the
party that allowed initial submission of the message.  DKIM either
needs stronger binding semantics, or it needs to limit when signing
can be done.

Be explicit about roles.


Agreed.

--ewh
_______________________________________________
ietf-dkim mailing list
&lt;http://dkim.org&gt;

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] Not exactly not a threat analysis, (continued) Re: [ietf-dkim] Not exactly not a threat analysis, Douglas Otis Re: [ietf-dkim] Not exactly not a threat analysis, Arvel Hathcock Re: [ietf-dkim] Not exactly not a threat analysis, Michael Thomas [ietf-dkim] semantics of message signing, Keith Moore Re: [ietf-dkim] semantics of message signing, Jim Fenton Re: [ietf-dkim] Not exactly not a threat analysis, Hector Santos Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood Re: [ietf-dkim] Not exactly not a threat analysis, SM Re: [ietf-dkim] Not exactly not a threat analysis, Douglas Otis Re: [ietf-dkim] Not exactly not a threat analysis, SM Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood <= Re: [ietf-dkim] Not exactly not a threat analysis, Arvel Hathcock Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood Re: [ietf-dkim] Not exactly not a threat analysis, Michael Thomas Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood Re: [ietf-dkim] Not exactly not a threat analysis, Keith Moore Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood Re: [ietf-dkim] Not exactly not a threat analysis, Arvel Hathcock Re: [ietf-dkim] Not exactly not a threat analysis, Jim Fenton Re: [ietf-dkim] Not exactly not a threat analysis, Keith Moore Re: [ietf-dkim] Not exactly not a threat analysis, domainkeys-feedbackbase02

Previous by Date:	Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood
Next by Date:	Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood
Previous by Thread:	Re: [ietf-dkim] Not exactly not a threat analysis, SM
Next by Thread:	Re: [ietf-dkim] Not exactly not a threat analysis, Arvel Hathcock
Indexes:	[Date] [Thread] [Top] [All Lists]