ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-10-29 12:04:21
Michael Thomas <mike(_at_)mtcc(_dot_)com> writes:

Eric Rescorla wrote:
Dave Crocker <dhc(_at_)dcrocker(_dot_)net> wrote:


What I would have expected in a threat analysis of this type is that
one would start with a relatively broad view of the type of system
one was considering developing ("server-based message-based signatures
to prevent mail forgery") and then describe potential attacks on
such systems and the types of countermeasures that can be used to
protect against them.

Eric,

We seem to be suffering from trying to hit a moving target.
Hmm... Maybe, but I think my comments are in line with comments
I've made previously. It's possible that my comments don't
agree with Russ's, of course.

That's seems to be the genesis. Hence my comments to the ietf list
a couple of months ago. What would you have us do since this seems
to be a meta argument between you and our AD?

A meta-argument? Are you saying that you think that Russ would like
you NOT to do the analysis I suggested? I'd be quite surprised to hear
that.

It's certainly possible that he would be satisfied if you don't do
so, but I don't so how that implies that I shouldn't want to see
such analysis done.

-Ekr

_______________________________________________
ietf-dkim mailing list
http://dkim.org