ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?

2005-08-24 07:03:15
from [Scott Kitterman] [Permanent Link] 
...... Original Message .......
On Tue, 23 Aug 2005 22:23:15 -0700 Douglas Otis 
<dotis(_at_)mail-abuse(_dot_)org> 
wrote:
...

It seems to me that your proposed approach is anything but simple.  It 
would appear to me that you want to trade the direct, obvious, near-term 
benifits of a defined deterministic Sender Signing Policy (I'm not saying 
the current draft is perfect) for an uncertain, undesigned, and 
undocumented automated abuse reporting infrastructure.

You get to call this 'simple' from a DKIM perspective only by declaring all 
this complexity external to DKIM.  

Scott Kitterman
_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] Re: Not exactly not a threat analysis, Frank Ellermann
Next by Date:  Re: [ietf-dkim] updated threat analysis outline, Tony Finch
Previous by Thread:  RE: [ietf-dkim] DKIM vs. S/MIME and OpenPGP, Hallam-Baker, Phillip
Next by Thread:  Re: [ietf-dkim] DKIM SSP: Security vulnerability when SSP record does not exist?, Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]