ietf-dkim
[Top] [All Lists]

[ietf-dkim] Re: New Issue: TLD key publication and signing

2006-02-15 12:09:38
John Levine wrote:

RFC 3833 already has a threat analysis of the DNS.  Please,
let's just point to that and be done with it.

+1  

It would obscure real issues in threats-01 if all details of
doing interesting things with DNS are analyzed.  We can pick
an obvious worst case like "evil name server" as example, say
that DKIM isn't DNSSEC or ICANN or what else, point to some
relevant documents, and then focus on the real DKIM threats:

So far that's apparently replay, and attack from the inside.
As worst case their combination into "chosen message replay".

"Stolen key" and similar oddities are less relevant.  Bye


_______________________________________________
NOTE WELL: This list operates according to 
http://dkim.org/ietf-list-rules.html