Re: [ietf-dkim] SSP security relies upon the visual domain appearance

ietf-dkim

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Re: [ietf-dkim] SSP security relies upon the visual domain appearance

2005-11-18 09:26:21

from [Dave Crocker]

[Permanent Link]

The "From:" header should not be signed if it contains more than onesending address. ...

Does anyone see such a statement as causing a problem?


I see it as needless and futile micromanagement.  The point of a DKIM
signature is that the signer is taking responsibility for the message.

...

  But for the basic DKIM, a signer can sign anything he's
willing to, and please leave it at that.

A small lesson from this exchange is to note both that this indicates thatwe understand doing SSP work far less than we understand doing basic signingwork, and that coupling the two in our work could actually hurt thetechnical aspects of the base mechanism, not just delay it.

d/

ps. there was a suggestion to have the 'do not sign an rfc2822.From that hasmultiple addresses' directive me in the threat analysis document. i wouldthink that the ta document should not have normative specifications.


--

Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
ietf-dkim mailing list
http://dkim.org

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] SSP security relies upon the visual domain appearance, (continued) Re: [ietf-dkim] SSP security relies upon the visual domain appearance, SM Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Hector Santos Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Douglas Otis Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Stephen Farrell Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Douglas Otis Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Stephen Farrell Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Arvel Hathcock Re: [ietf-dkim] SSP security relies upon the visual domain appearance, John Levine [ietf-dkim] multi-From (was: SSP security relies upon the visual domain appearance), Frank Ellermann Re: [ietf-dkim] SSP security relies upon the visual domain appearance, John Levine Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Dave Crocker <= Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Stephen Farrell Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Michael Thomas Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Hector Santos Re: [ietf-dkim] SSP security relies upon the visual domain appearance, John R Levine Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Dave Crocker Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Douglas Otis Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Dave Crocker Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Hector Santos Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Douglas Otis Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Hector Santos

Previous by Date:	RE: [ietf-dkim] SSP security relies upon the visual domain appearance, Bill.Oxley
Next by Date:	Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Stephen Farrell
Previous by Thread:	Re: [ietf-dkim] SSP security relies upon the visual domain appearance, John Levine
Next by Thread:	Re: [ietf-dkim] SSP security relies upon the visual domain appearance, Stephen Farrell
Indexes:	[Date] [Thread] [Top] [All Lists]