ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Re: New Issue: TLD key publication and signing

2006-02-21 09:23:41
from [Michael Thomas] [Permanent Link] 
Andrew Newton wrote:


On Feb 21, 2006, at 10:22 AM, Michael Thomas wrote:


It should be noted that the only thing this affects is SSP.
A delegation cannot be overridden for selectors with the
exception of gross manipulation of NS records which is not
a dkim specific threat.



I guess I don't understand your point.
If the delegation of a domain name can be retargetted to another set of name servers, can't those name servers synthesize any necessary selectors such as with a wildcard? 

I do agree that this problem is not specific to DKIM.


Yes.

I had forgotten about the d= in the signature, but the point
I was trying to make is that with SSP, all a TLD would need
to do is install a policy and it would cover the entire
DNS space that doesn't have a more specific policy. Sort of
like Verisign's "site finder" :) Registrars wield a lot of
power in the DNS world...

                Mike
_______________________________________________
NOTE WELL: This list operates according to http://dkim.org/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] issue with DKIM simple header algorithm and milter-based implementations, Tony Hansen
Next by Date:  Re: [ietf-dkim] issue with DKIM simple header algorithm and milter-based implementations, Michael Thomas
Previous by Thread:  Re: [ietf-dkim] Re: New Issue: TLD key publication and signing, Andrew Newton
Next by Thread:  Re: [ietf-dkim] Re: New Issue: TLD key publication and signing, Peter Koch
Indexes:  [Date] [Thread] [Top] [All Lists]