On October 17, 2005 at 09:07, Dave Crocker wrote:
2. Incompatibility comes in a variety of forms. I think that for our
purposes, the most significant different is between a change that
permits senders to continue with their old behaviors (over the wire) and
still have signatures work for receivers who have upgraded. By
contrast, requiring both senders and signers to change, in order to
interoperate, is a massive barrier to entry for the installed base.
Hector raised a good point about attackers being able to exploit
this. I.e. If standardized DKIM is more secure, attackers will
exploit the legacy user base to get around the more secure version.
A good example is the flaws in SSP that facilitate spoofing.
People who have adopted DK/DKIM now should realize that the technology
is experimental, willing to take the risks and costs associated
with deploying experiments.
It is definitely worth considering the current user base of the
experimental proposals since not doing so can hinder adoption. However,
security matters should trump this, especially if vulnerabilities
are already known.
--ewh
_______________________________________________
ietf-dkim mailing list
http://dkim.org