ietf-dkim
[Top] [All Lists]

RE: [ietf-dkim] OT o=. (was: New Issue: 4.2 needs new Attack Item:Inconsistent Signature vs Policy Attacks)

2006-01-31 10:11:14
Oops.  You're right.  I was probably confusing this with WEAK.

-Jim

 -----Original Message-----
From:   Frank Ellermann [mailto:nobody(_at_)xyzzy(_dot_)claranet(_dot_)de]
Sent:   Tue Jan 31 08:46:52 2006
To:     ietf-dkim(_at_)mipassoc(_dot_)org
Subject:        [ietf-dkim] OT o=. (was: New Issue: 4.2 needs new Attack 
Item:Inconsistent Signature vs Policy Attacks)

Jim Fenton wrote:

Example loopholes:

1) A message is signed, but the SSP indicated a "o=." (No
   mail expected from domain).

There has been a lot of discussion of "o=." but it's not
actually in the current version of the SSP draft.

Did you confuse this with WEAK ?  Or do you have a fresher copy
of the draft ?  My copy draft-allman-dkim-ssp-01 still has o=.
on <http://tools.ietf.org/html/draft-allman-dkim-ssp-01#page-9>

                               Bye, Frank


_______________________________________________
ietf-dkim mailing list
http://dkim.org
_______________________________________________
ietf-dkim mailing list
http://dkim.org
<Prev in Thread] Current Thread [Next in Thread>
  • RE: [ietf-dkim] OT o=. (was: New Issue: 4.2 needs new Attack Item:Inconsistent Signature vs Policy Attacks), Jim Fenton \(fenton\) <=