ietf-dkim

Re: [ietf-dkim] New DKIM threat analysis draft

2005-10-07 08:47:49
Right. It becomes a receiver policy, and while I agree (e.g. with John) 
that this may be hard (John may say impossible or at least unlikely) to 
deploy, why should DKIM `exclude` this?

The simplest reason is that DKIM is signing the 822 message, but the
recipient address is in the 821 envelope, so a signing agent often
won't know what the recipient address will be, and a verifying agent
won't know what the delivery address was.

Keep in mind that nothing we say precludes future experiments, and if
someone confounds my expectations and comes up with a way to add path info
into the signature that actually works, we can add it to DKIM 1.1 or
2.0.

R's,
John



_______________________________________________
ietf-dkim mailing list
http://dkim.org
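
An added illustration of the 822-versus-821 point in the message above; it is not part of the original post and is not DKIM's canonicalization or signing algorithm. The addresses, the message, the simplified SMTP session and the `signed_digest` stand-in are all constructed assumptions.

```python
import hashlib

# Constructed sample: RFC 822 message (header fields, blank line, body).
MESSAGE = (b"From: alice@example.org\r\nTo: list@example.net\r\n"
           b"Subject: meeting notes\r\n\r\nNotes attached.\r\n")

# Constructed RFC 821 envelopes for three deliveries of that one message:
# the original submission and two list fan-out copies.
ENVELOPES = [
    ("alice@example.org", "list@example.net"),
    ("list-bounces@example.net", "bob@example.com"),
    ("list-bounces@example.net", "carol@example.com"),
]
SIGNED_HEADERS = (b"From", b"To", b"Subject")


def smtp_client_lines(mail_from, rcpt_to, message):
    """Client side of one SMTP transaction: envelope commands, then DATA."""
    envelope = f"MAIL FROM:<{mail_from}>\r\nRCPT TO:<{rcpt_to}>\r\nDATA\r\n"
    return envelope.encode() + message + b".\r\n"


def message_from_session(session):
    """Keep only what follows DATA, up to the terminating dot line.
    (Dot-stuffing is ignored; no sample line starts with a dot.)"""
    _, _, data = session.partition(b"DATA\r\n")
    return data[: data.rindex(b".\r\n")]


def signed_digest(message):
    """Digest over selected header fields and the body: a stand-in for the
    data a message signature covers, not the real DKIM computation."""
    head, _, body = message.partition(b"\r\n\r\n")
    fields = dict(line.split(b": ", 1) for line in head.split(b"\r\n"))
    h = hashlib.sha256()
    for name in SIGNED_HEADERS:
        h.update(name.lower() + b":" + fields[name] + b"\r\n")
    h.update(body)
    return h.hexdigest()


def verifier_view():
    """Map each envelope recipient to the digest its verifier can recompute."""
    view = {}
    for mail_from, rcpt_to in ENVELOPES:
        session = smtp_client_lines(mail_from, rcpt_to, MESSAGE)
        view[rcpt_to] = signed_digest(message_from_session(session))
    return view


if __name__ == "__main__":
    for rcpt, digest in verifier_view().items():
        print(f"{rcpt:20} {digest[:16]}")
```

All three deliveries yield the same digest, and two of the envelope recipients never appear in the signed bytes at all.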