ietf-dkim

[ietf-dkim] Re: Threat analysis kickoff

2005-11-17 09:08:45
Jim Fenton wrote:

> In some cases (2821-zoo) it appears you agree

Yes, in other words, if DKIM is all you have - either
as "signer" or as "checker" - it must still make sense.

> in others it appears that you are describing new threats

Not really; I just like your idea to sort the threats by
probability and impact.  Then I tried to see what it does
with the known ways to get some kind of DKIM PASS result:

Nothing special for "eboy", probability high, impact TBD.
If users are misled to think that a PASS is always good
they'd be in trouble.  But we knew that already.

> (zombie behind the checking agent)

That's interesting if we start to work on something like
Authentication-Results:  "Just fake it from the inside"
is an obvious idea.  And "don't let internal mail bypass
the check" is an obvious counter-measure.

> Can you provide a list of threats that have not been
> mentioned which you think should be included?

Your idea (probability plus impact) is relevant for the
case "zombie before the signing agent".  This MUST NOT
happen; the impact could be devastating.  Bye, Frank
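The "just fake it from the inside" case and its counter-measure ("don't let internal mail bypass the check") can be shown in code. The following is an added illustration, not code from the list discussion or from any DKIM implementation: the checking agent strips every pre-existing Authentication-Results header that claims its own authserv-id before recording its verdict, on internal as well as external mail, and the consumer believes only a header bearing that authserv-id. Assumptions: the header syntax is the later standardized Authentication-Results form (authserv-id first, then method=result pairs), which postdates this 2005 message; the authserv-id `mx.example.com` and the sample messages are constructed.

```python
"""Sanitizing Authentication-Results at the checking agent (added example)."""
import re
from email import message_from_string
from email.message import Message

# Assumption: the ADMD's checking agent labels its verdicts with this id.
LOCAL_AUTHSERV_ID = "mx.example.com"

# The first token of the header value is the authserv-id.
_AUTHSERV_RE = re.compile(r"^\s*([^\s;()]+)")
_DKIM_RE = re.compile(r"\bdkim=(\w+)")


def claimed_authserv_id(value: str) -> str:
    """Return the authserv-id a header value claims (lower-cased)."""
    m = _AUTHSERV_RE.match(value)
    return m.group(1).lower() if m else ""


def strip_forged_results(msg: Message, authserv_id: str = LOCAL_AUTHSERV_ID) -> int:
    """Remove every existing Authentication-Results header that claims our
    authserv-id. Run on ALL mail passing the checker, so a host on the inside
    cannot pre-label its own mail. Returns the number of headers removed."""
    existing = msg.get_all("Authentication-Results", [])
    kept = [v for v in existing if claimed_authserv_id(v) != authserv_id.lower()]
    del msg["Authentication-Results"]          # drops all occurrences
    for v in kept:                             # keep other ADMDs' headers
        msg["Authentication-Results"] = v
    return len(existing) - len(kept)


def record_result(msg: Message, dkim_result: str, signing_domain: str,
                  authserv_id: str = LOCAL_AUTHSERV_ID) -> None:
    """Add the checker's own verdict (after sanitizing, never before)."""
    msg["Authentication-Results"] = (
        f"{authserv_id}; dkim={dkim_result} header.d={signing_domain}"
    )


def trusted_dkim_result(msg: Message, authserv_id: str = LOCAL_AUTHSERV_ID):
    """Consumer side: read dkim= only from a header bearing our authserv-id."""
    for v in msg.get_all("Authentication-Results", []):
        if claimed_authserv_id(v) == authserv_id.lower():
            m = _DKIM_RE.search(v)
            return m.group(1) if m else None
    return None


def process_at_checker(raw: str, dkim_result: str, signing_domain: str):
    """Full path: sanitize, record the real verdict, read it back as a consumer.
    `dkim_result` stands in for the signature verification the checker did."""
    msg = message_from_string(raw)
    removed = strip_forged_results(msg)
    record_result(msg, dkim_result, signing_domain)
    return removed, trusted_dkim_result(msg)


def verdict_without_sanitizing(raw: str):
    """What a consumer would believe if the checker were bypassed."""
    return trusted_dkim_result(message_from_string(raw))


# Constructed sample: an internal zombie pre-labels its mail with a PASS that
# claims our authserv-id, plus a harmless header from another ADMD.
FORGED_MAIL = (
    "Authentication-Results: mx.example.com; dkim=pass header.d=bank.example\r\n"
    "Authentication-Results: mail.other.example; dkim=pass header.d=other.example\r\n"
    "From: alerts@bank.example\r\n"
    "Subject: constructed sample\r\n"
    "\r\n"
    "body\r\n"
)

if __name__ == "__main__":
    print("bypassed checker believes:", verdict_without_sanitizing(FORGED_MAIL))
    print("after checker:", process_at_checker(FORGED_MAIL, "none", "bank.example"))
```

The point of `strip_forged_results` running unconditionally is the counter-measure named above: the checker, not the submitting host, is the only party allowed to write a header with the local authserv-id, and that holds only if no internal path skips it.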


_______________________________________________
ietf-dkim mailing list
http://dkim.org
