Keith Moore wrote:
Relative to DKIM's authentication model I'm asking for two things: one
is the ability to separately authenticate successive submissions of
the same message without destroying information about earlier
submission. The other is the ability to authenticate envelope
information in addition to header and body information. I'm asking
for these because I know through long experience that sometimes it's
important to know who originally sent a message, sometimes it's
important to know who last sent a message, and sometimes it's
important to know to whom the message was sent.
The question that gets asked here is: what problem are you trying to solve?
in effect, you're asking me to do the analysis for my threat model. *
it's a reasonable request, but not something I can do within the
timeframe that people seem to expect responses to email messages.
Keith
* because if I stop short of doing a fairly complete analysis, the group
will attack it for incompleteness. if I provide a fairly complete
analysis the group will attack that too, but at least that attack will
be useful.
_______________________________________________
ietf-dkim mailing list
http://dkim.org