Re: [ietf-dkim] updated threat analysis outline

ietf-dkim

Re: [ietf-dkim] updated threat analysis outline

2005-08-24 11:08:54


On Aug 24, 2005, at 7:11 AM, Tony Finch wrote:

Thanks for your suggestions. I've made a note of them

On Tue, 23 Aug 2005, Douglas Otis wrote:
This has been called a revocation-identifier in the past.  It may be
described as a type of domain-cookie, or opaque-identifier.  It would
permit a revocation mechanism and enable opportunisticidentificationsthat could even detect cross-domain forgery without any mailbox-address
constraints being applied.
Could you expand on this last sentence? I missed any description ofit you
may have posted already.

I don't think you were involved in Phase I of MASS. I have made adraft that expresses this idea, in addition to the comments made onthe list.


http://www.ietf.org/internet-drafts/draft-otis-mass-reputation-01.txt

See section 8.  Abating the replay attack

-Doug


_______________________________________________
ietf-dkim mailing list
http://dkim.org

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] Not exactly not a threat analysis, (continued) Re: [ietf-dkim] Not exactly not a threat analysis, Ned Freed Re: [ietf-dkim] Not exactly not a threat analysis, Scott Kitterman Re: [ietf-dkim] Not exactly not a threat analysis, Arvel Hathcock Re: [ietf-dkim] Not exactly not a threat analysis, Michael Thomas [ietf-dkim] Re: SSP and DKIM, was Not exactly not a threat analysis, John Levine Re: [ietf-dkim] Re: SSP and DKIM, was Not exactly not a threat analysis, Arvel Hathcock Re: [ietf-dkim] Re: SSP and DKIM, was Not exactly not a threat analysis, John Levine [ietf-dkim] updated threat analysis outline, Tony Finch Re: [ietf-dkim] updated threat analysis outline, Douglas Otis Re: [ietf-dkim] updated threat analysis outline, Tony Finch Re: [ietf-dkim] updated threat analysis outline, Douglas Otis <= Re: [ietf-dkim] updated threat analysis outline, Tony Finch Re: [ietf-dkim] updated threat analysis outline, Douglas Otis Re: [ietf-dkim] updated threat analysis outline, Tony Finch Re: [ietf-dkim] updated threat analysis outline, Douglas Otis Re: [ietf-dkim] updated threat analysis outline, Tony Finch Re: [ietf-dkim] updated threat analysis outline, Douglas Otis Re: [ietf-dkim] Not exactly not a threat analysis, Arvel Hathcock Re: [ietf-dkim] Not exactly not a threat analysis, domainkeys-feedbackbase02 Re: [ietf-dkim] Not exactly not a threat analysis, Earl Hood Re: [ietf-dkim] Not exactly not a threat analysis, John R Levine

Previous by Date:	RE: [ietf-dkim] Is accountability binary?, Hallam-Baker, Phillip
Next by Date:	RE: [ietf-dkim] Is accountability binary?, John R Levine
Previous by Thread:	Re: [ietf-dkim] updated threat analysis outline, Tony Finch
Next by Thread:	Re: [ietf-dkim] updated threat analysis outline, Tony Finch
Indexes:	[Date] [Thread] [Top] [All Lists]