On Feb 9, 2006, at 1:56 AM, Eliot Lear wrote:
Attached is the current issues list and the opener. Remember, to
open an issue, put "New Issue" in the header. This list was
generated from rt.psg.com (the roundup stuff isn't yet cooked).
The "Limited scope of trust issue", is perhaps too broad and has
become too large. The current threat draft makes a significant
assumption that resolution of a replay attack will not be based upon
the signing-domain. This concern was the motivation for expanding
upon this threat area.
This issue can be broken down into smaller sections (posted slowly).
Many of these issues have been discussed previously, and prior to the
forming of the DKIM WG. It should be beneficial to arrive at some
conclusion within the threat draft what the specific concerns are and
what might be done to ameliorate them. Trust issues fall into a
broad category of threats that may prevent DKIM from serving as a
basis for acceptance. Reviewing in very general terms how bad acts
are assessed, and then how further bad acts can be blocked seem
rather basic concerns for any protocol.
I also noticed that clicking upon the links that you give require a
sign-in. Did I miss your explanation on how that works? Also, what
is the procedure for making updates?
-Doug
_______________________________________________
NOTE WELL: This list operates according to
<http://dkim.org/ietf-list-rules.html>