Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does no

ietf-dkim

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?

2005-08-19 09:35:23

from [Dave Crocker]

[Permanent Link]

On 19 Aug 2005 16:14:06 -0000, John Levine wrote:

 A third-party signature is a lot weaker assertion than an OA signature,
 unless you know something about the third party.


 Seems to me that no signature is useful unless you know something about the
 signing party.


That nicely summarizes the problem I have with the fixation of *requiring* a 
tie-in to the origination domain.

It's not that the tie-in does not provide incremental benefit.  It is that it 
is 
incremental, rather than fundamental. 

Today we have no confirmable domain name identity to assess.  With the DKIM 
basic mechanism, we do.  That's not a small improvement in the world.

 DKIM will be useful in the short run because we all have quite a lot of
 knowledge about domains with which we exchange a lot of mail, and that lets
 us get their mail out of the filtering path.


Exactly.



  d/
  ---
  Dave Crocker
  Brandenburg InternetWorking
  +1.408.246.8253
  dcrocker  a t ...
  WE'VE MOVED to:  www.bbiw.net



_______________________________________________
ietf-dkim mailing list
http://dkim.org

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, (continued) Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, John Levine Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Dave Crocker <= Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Scott Kitterman Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Arvel Hathcock Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Dave Crocker Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Arvel Hathcock Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Tony Finch Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Arvel Hathcock Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP recorddoesnot exist?, Arvel Hathcock

Previous by Date:	Re: [ietf-dkim] DKIM Threat Analysis v0.06, Scott Kitterman
Next by Date:	Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, John Levine
Previous by Thread:	Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, John Levine
Next by Thread:	Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Scott Kitterman
Indexes:	[Date] [Thread] [Top] [All Lists]