Re: [ietf-dkim] one more comment I forgot...

ietf-dkim

Re: [ietf-dkim] one more comment I forgot...

2006-01-11 12:24:32

Stephen Farrell wrote:


Yes, but mucking up a signature is already covered in the
draft whereas totally ditching one isn't.

(Perhaps "forwarder" wasn't the right term - if not, mea
culpa.)


From a threat perspective, the two are identical, right? If a
receiver in any way treats broken signatures different than
missing signatures, an attacker can exploit the preferable
treatment trivially.

      Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[ietf-dkim] one more comment I forgot..., Stephen Farrell Re: [ietf-dkim] one more comment I forgot..., Douglas Otis RE: [ietf-dkim] one more comment I forgot..., Bill.Oxley Re: [ietf-dkim] one more comment I forgot..., Stephen Farrell Re: [ietf-dkim] one more comment I forgot..., Michael Thomas <= Re: [ietf-dkim] one more comment I forgot..., Douglas Otis Re: [ietf-dkim] one more comment I forgot..., Stephen Farrell Re: [ietf-dkim] one more comment I forgot..., Jim Fenton Re: [ietf-dkim] one more comment I forgot..., Stephen Farrell [ietf-dkim] Re: one more comment I forgot..., Frank Ellermann

Previous by Date:	Re: [ietf-dkim] one more comment I forgot..., Douglas Otis
Next by Date:	Re: [ietf-dkim] one more comment I forgot..., Douglas Otis
Previous by Thread:	Re: [ietf-dkim] one more comment I forgot..., Stephen Farrell
Next by Thread:	Re: [ietf-dkim] one more comment I forgot..., Douglas Otis
Indexes:	[Date] [Thread] [Top] [All Lists]