ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] over-the-wire (in)compatibility between pre-IETF DKIMand (eventual) IETF DKIM

2005-10-19 14:23:41
from [Earl Hood] [Permanent Link] 
On October 18, 2005 at 18:53, "Arvel Hathcock" wrote:


This behavior raises a security problem since such
senders will go with policies that lean towards
delivery versus potential security threats.


If I'm understanding you rightly you are arguing against the o=~ or 
"relaxed" policy provisions in SSP right?


No.  Just trying to understand how senders operate, and how their
policies can affect the effectiveness of DKIM in general and the
security implication of senders' behaviors to DKIM.  Adequate security
analysis cannot be done without understanding how users operate.

I do think signers need to be made aware of the risks of using
relaxed policies.

During transition, relaxed policies will definitely be needed, but
if DKIM becomes the norm, relaxed policies will hopefully go away.

--ewh
_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] list config, was Admilistrivia question, Earl Hood
Next by Date:  Re: [ietf-dkim] over-the-wire (in)compatibility between pre-IETF DKIMand (eventual) IETF DKIM, Earl Hood
Previous by Thread:  Re: [ietf-dkim] over-the-wire (in)compatibility between pre-IETF DKIMand (eventual) IETF DKIM, Douglas Otis
Next by Thread:  Re: [ietf-dkim] over-the-wire (in)compatibility between pre-IETFDKIMand (eventual) IETF DKIM, Arvel Hathcock
Indexes:  [Date] [Thread] [Top] [All Lists]