
Re: [ietf-dkim] New Issue: TLD key publication and signing

2006-02-14 16:50:48
On Tue, Feb 14, 2006 at 03:21:35PM -0800, Markley, Mike allegedly wrote:
> Jim Fenton asked me to write a blurb on this after discussing it with
> him at the DKIM conference in Santa Clara.
>
> My understanding of the rules around the domain and the identity of a
> message is that the identity (i=) must always be the same as the domain
> (d=), OR a subdomain of it. Then, the public key published at
> <selector>._domainkey.<domain> will be looked up.
>
> I am not, however, aware of any mechanism for preventing a malicious TLD

Presumably a malicious TLD operator can also change what name servers
answer for your domain in which case they can completely assume your
identity as far as DKIM is concerned.


Mark.
_______________________________________________
NOTE WELL: This list operates according to 
http://dkim.org/ietf-list-rules.html
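
The rule described in the quoted message (i= must equal d= or be a subdomain of it, with the key looked up at `<selector>._domainkey.<domain>`), as an added example that is not part of the original thread. The function names and sample tag values are constructed for illustration, and the single-label note is an assumption about what a verifier might choose to flag, not something the thread or DKIM specifies.

```python
import re

def parse_tags(header_value):
    """Parse a DKIM-Signature tag list ('k=v; k=v') into a dict."""
    tags = {}
    for part in header_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            # Folding whitespace inside these tag values is not significant.
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def identity_matches_domain(i_domain, d_domain):
    """True if i_domain equals d_domain or is a subdomain of it.

    Compared label by label, so 'notexample.com' is not treated as being
    inside 'example.com' the way a plain string-suffix test would.
    """
    i_labels = i_domain.lower().rstrip(".").split(".")
    d_labels = d_domain.lower().rstrip(".").split(".")
    return len(i_labels) >= len(d_labels) and i_labels[-len(d_labels):] == d_labels

def check_signature(header_value):
    """Return (key_query_name, notes); raise ValueError if the i=/d= rule fails."""
    tags = parse_tags(header_value)
    d, s = tags["d"], tags["s"]
    identity = tags.get("i", "@" + d)  # i= defaults to "@" + d when absent
    if "@" not in identity:
        raise ValueError("i= has no '@'")
    i_domain = identity.rsplit("@", 1)[1]
    if not identity_matches_domain(i_domain, d):
        raise ValueError(f"i= domain {i_domain!r} is not within d={d!r}")
    notes = []
    # Assumption: a verifier may want to surface signatures whose d= is a
    # single label, since every name under that label satisfies the rule.
    if "." not in d.rstrip("."):
        notes.append("d= is a single label (TLD-level signer)")
    return f"{s}._domainkey.{d}", notes

if __name__ == "__main__":
    # Constructed sample tag lists, not taken from real mail.
    for sample in ("a=rsa-sha1; d=example.com; s=sel1; i=user@mail.example.com",
                   "a=rsa-sha1; d=com; s=sel1; i=user@example.com"):
        print(check_signature(sample))
```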