Replay is an issue in the application of DKIM to real world problems.
Clearly there must be an answer to the replay issue, but it does not
follow that this must be developed in MASS.
The replay issue only really affects Web Mail hosts, there may be
something of an effect for some ISPs but I doubt it. In either case
controls to prevent bulk enrollment are likely to provide a sufficient
first line of defense.
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Douglas Otis
Sent: Monday, September 12, 2005 2:25 PM
To: Jim Fenton
Cc: IETF-DKIM; IETF MASS
Subject: [ietf-dkim] Re: MASS/DKIM interim minutes posted
On Sep 9, 2005, at 8:44 AM, Jim Fenton wrote:
Presentation slides and interim minutes from the MASS (DKIM) BoF at
IETF 63 in Paris have been posted to the IETF website:
https://datatracker.ietf.org/public/proceeding_interim.cgi?
meeting_num=63
(search for "MASS")
(Doug Otis): Replay abuse is a problem; don't consider the spec as
written as sufficient. {Exclusion of reputation from the
charter is a
problem; it needs more visibility.}
I do not recall my exact words, I am sure this was not what I said.
"The impact upon the domain's reputation has not received sufficient
consideration either." I have attempted to expand upon that issue
within the mass-reputation draft. This is _not_ related to
establishing reputation or accreditation services, as seemingly
understood. I have steadfastly said these services are a separate
issue, while protecting one's reputation is not.
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org
_______________________________________________
ietf-dkim mailing list
http://dkim.org