ietf-dkim

Re: [ietf-dkim] Charter bashing...

2005-10-12 09:35:45


Michael Thomas wrote:
Stephen Farrell wrote:

What people do consider necessary is a policy tag on a key record that
specifies something like 'this key can only sign email from
marketing@example.com' so that the bulk mailer hired to do a promo can't
then impersonate the CEO.


It's still tricky though since it allows me to make bogus assertions.

However, I do understand the application requirement, but do we have
to meet that via creating key/(dis)allowed-domain bindings in a
dkim protocol? Perhaps we do, but then the threat analysis has to
go into a good bit of detail here since that assertion structure
will be used as the basis of attacks.


  Huh?

What's not clear?

Stephen.


        Mike



_______________________________________________
ietf-dkim mailing list
http://dkim.org