ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt]

2006-01-16 01:11:19

Doug,

Douglas Otis wrote:

On Jan 14, 2006, at 11:33 AM, Stephen Farrell wrote:

The concern is not about leveling the playing field, but rather not giving the large domain a powerful club with which to beat the heck out of smaller domains. This requires avoiding any reason or excuse for an open policy to be published.

I don't get your logic there. What is the relationship between domain size and SSP that gives rise to a (technical) threat? I don't believe there is one.

a) The severity of the threat of being held culpable for an open-end policy reduces as the domain size increases.

Ok. So this is purely subsidiary to your point about open policies
being unfair. I understand now. As I'm not convinced that that point
represents a valid threat I personally don't think that this one
warrants mention either.

When the signing/email domains don't match and "some legitimate messages are not signed or are signed by others" policy is discovered, how does this relate to what what messages are conformant?

That's up to the verifier and not in scope of threats. We might want to discuss a bit when its time to do SSP, but absent any demonstrated threat, its definitely for later I believe.

Contemplating how DKIM may be implemented is beyond consideration?

(Feel free to be contemplative! I'd imagine that involves less typing:-)

If you have some precise, realistic scenario to propose that's ok. But
I for one won't answer inexact open questions such as the above since
I'm not interested in prolonging this thread - which would be the
inevitable consequence of attempting an answer. No thanks.

I think we're done on this in terms of being productive, so I suggest
we give people a chance to catch up, and Jim a chance to get another
revision out (as he's asked).

Stephen.



_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>