This might be a concise and accurate statement of what DKIM is trying
to do , but it's not a good basis with which to start a threat
analysis. If you try to use it as a basis for a threat analysis you
will be trying to define the problem in terms of a proposal for a
solution.
True. I was thinking that I would compare DKIM vs. other signature
schemes like S/MIME and PGP to see what problems it solves that they
don't, since that's presumably the threats that need to be addressed.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
ietf-dkim mailing list
http://dkim.org