ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] New Issue: 4.2 needs new Attack Item: InconsistentSignature vs Policy Attacks

2006-01-31 17:10:46
from [J.D. Falk] [Permanent Link] 
On 2006-01-31 15:20, Douglas Otis wrote:
2. the "spammers have co-opted DomainKeys wtf omg" story was last year: http://www.eweek.com/article2/0,1759,1732576,00.asp? kc=EWNKT0209KTX1K0100440 

Re #2, the sky has not yet fallen.
By the same token, this story points out that basing reputations upon an authenticated DKIM signature is also a mistake. Reputations can only be based upon a "trusted" signing-domain.
I'd word that statement a bit differently, but either way I think this horse has been sufficiently beaten. No need to beat it again. 

--
J.D. Falk, Anti-Spam Product Manager
Yahoo! Communications Platform Team
_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] Re: the Internet is inherently insecure, Frank Ellermann
Next by Date:  Re: [ietf-dkim] New Issue: 4.2 needs new Attack Item: InconsistentSignature vs Policy Attacks, Douglas Otis
Previous by Thread:  Re: [ietf-dkim] New Issue: 4.2 needs new Attack Item: InconsistentSignature vs Policy Attacks, Douglas Otis
Next by Thread:  Re: [ietf-dkim] New Issue: 4.2 needs new Attack Item: InconsistentSignature vs Policy Attacks, Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]