Oops. You're right. I was probably confusing this with WEAK.
-Jim
-----Original Message-----
From: Frank Ellermann [mailto:nobody(_at_)xyzzy(_dot_)claranet(_dot_)de]
Sent: Tue Jan 31 08:46:52 2006
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] OT o=. (was: New Issue: 4.2 needs new Attack
Item:Inconsistent Signature vs Policy Attacks)
Jim Fenton wrote:
Example loopholes:
1) A message is signed, but the SSP indicated a "o=." (No
mail expected from domain).
There has been a lot of discussion of "o=." but it's not
actually in the current version of the SSP draft.
Did you confuse this with WEAK ? Or do you have a fresher copy
of the draft ? My copy draft-allman-dkim-ssp-01 still has o=.
on <http://tools.ietf.org/html/draft-allman-dkim-ssp-01#page-9>
Bye, Frank
_______________________________________________
ietf-dkim mailing list
http://dkim.org
_______________________________________________
ietf-dkim mailing list
http://dkim.org