Dave Crocker <dhc(_at_)dcrocker(_dot_)net> wrote:
What I would have expected in a threat analysis of this type is that
one would start with a relatively broad view of the type of system
one was considering developing ("server-based message-based signatures
to prevent mail forgery") and then describe potential attacks on
such systems and the types of countermeasures that can be used to
protect against them.
Eric,
We seem to be suffering from trying to hit a moving target.
Hmm... Maybe, but I think my comments are in line with comments
I've made previously. It's possible that my comments don't
agree with Russ's, of course.
The task that Russ originally assigned was to describe the threats
that DKIM is designed to respond to. In other words, what problems
are there -- without DKIM -- that the addition of DKIM would fix?
That is, of course, quite different from describing attacks on DKIM,
which seems to be what you have just described.
No, I don't think that's what I'm describing. Indeed, my problem
with the current draft is largely that it's too narrowly focused
on DKIM. What I'm interested in seeing is:
1. A description of the problem you're trying to solve.
As I noted here previously, I don't think it's sufficient to
just say that it's "forgery" while taking it out of the true
context, which is spam.
2. A description of the generic architecture that you think will
help solve the problem and why.
3. Some indication of what the expected attacks on this kind of
architecture are.
-Ekr
_______________________________________________
ietf-dkim mailing list
http://dkim.org