,---
|2.2. Capabilities
|
| 4. Ability to "wiretap" some existing traffic, perhaps from a
| wireless network.
|
| Either of the first two of these mechanisms could be used to allow
| the bad actor to function as a man-in-the-middle between sender and
| recipient, if that attack is useful.
'---
: 4. Ability to eavesdrop on existing traffic, perhaps from a wireless
: network, LAN, cable or DSL modem.
:
: Either of the first two of these mechanisms could be used to allow
: the bad actor to function as a man-in-the-middle between sender and
: recipient, if that attack is useful. The forth of these mechanisms,
: with exposure of all or just broadcast packets, might allow the
: hijacking of sessions or services and also permit a man-in-the-middle
: attack.
The term "wiretap" was replace with eavesdrop. Wiretap is a term
generally used to indicate the monitoring of the telephone line,
whereas eavesdrop provides a broader definition that does not
immediately seem contradicted by describing as applying to wireless
networks. The ability to eavesdrop may also all the hijacking of
sessions and services and may permit man-in-the-middle attacks.
The suggested changes to date are compared here:
http://www.sonic.net/~dougotis/dkim/dkim-threat-00-otis-a.html
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org