Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does no

ietf-dkim

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?

2005-08-20 09:53:11

from [Scott Kitterman]

[Permanent Link]

Dave Crocker wrote:

On 19 Aug 2005 16:14:06 -0000, John Levine wrote:

A third-party signature is a lot weaker assertion than an OA signature,
unless you know something about the third party.


Seems to me that no signature is useful unless you know something about the
signing party.

That nicely summarizes the problem I have with the fixation of *requiring* atie-in to the origination domain.

Oddly enough I haven't noticed anyone suggesting that the signing entitymust be required to be tied to the orgination domain.

What I have seen is a number of people suggesting that the marginalutility of having a mechanism to *allow* a tie-in to the originationdomain is quite substantial, relatively easy to achieve, and a big boostto incentives for domain owners to deploy DKIM.

I'm sure it won't surprise anyone that I find the resistance to thissimple concept extremely surprising and difficult to fathom.


Scott Kitterman
_______________________________________________
ietf-dkim mailing list
http://dkim.org

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, (continued) Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Jim Fenton Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Earl Hood Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, John Levine Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Dave Crocker Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Scott Kitterman <= Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Arvel Hathcock Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Dave Crocker Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Arvel Hathcock Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Tony Finch Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Arvel Hathcock Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP recorddoesnot exist?, Arvel Hathcock

Previous by Date:	Re: [ietf-dkim] Not exactly not a threat analysis, domainkeys-feedbackbase02
Next by Date:	Re: [ietf-dkim] DKIM Threat Analysis v0.06, Scott Kitterman
Previous by Thread:	Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Dave Crocker
Next by Thread:	Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record doesnot exist?, Arvel Hathcock
Indexes:	[Date] [Thread] [Top] [All Lists]