Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does no

ietf-dkim

Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?

2005-08-19 17:07:48

from [SM]

At 12:19 18-08-2005, Earl Hood wrote:

As for the receiver making the final decision, all receiver
implementation should generate the same result on the same message
(at the DKIM level).  There should not be room for ambiguity and
variability, this can lead to exploitation.

That is where implementation guidelines can help. If we want toprevent ambiguity and variability, it will come at the cost ofrestrictions on how email is used. If a domain elects not to have aSSP record, we can assume that the owner does not want DKIM.


Regards,

-sm

_______________________________________________
ietf-dkim mailing list
http://dkim.org

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, (continued) Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, SM Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, SM <= Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Scott Kitterman Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Scott Kitterman

Previous by Date:	Re: [ietf-dkim] Not exactly not a threat analysis, Jim Fenton
Next by Date:	Re: [ietf-dkim] DKIM Threat Analysis v0.06, SM
Previous by Thread:	Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood
Next by Thread:	Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis
Indexes:	[Date] [Thread] [Top] [All Lists]