ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] SSP security relies upon the visual domain appearance

2005-11-18 03:41:43

Ah. I need to restate the question a bit. Sorry.

What I was asking was whether the following would be a good
or bad idea.

- Define some (few, simple) rules for when messages MUST NOT be
  DKIM-signed (e.g. those that contain >1 From address)
- When a signer is presented with such a message, it doesn't sign
  it, or forward it, but bounces/deletes it (whatever the right
  mail thing to do is).

If that were reasonable, (and I don't claim to know), then our
threat analysis could result in us defining some such rules in
order to counter some of the vulnerabilities we consider.

Stephen.


_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>