
RE: [ietf-dkim] Threats Issue - Large DNS records make servers targets for spoofed source amplification attacks abuse

2006-02-27 21:36:15
 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Jim Fenton

If we were to include this in the threat document, it would 
need to go into a new category because it's not a threat to 
the signature mechanism nor to SSP, but rather an attack on 
DNS that might be facilitated by DKIM.  I'm not sure whether 
this is in-scope for the threat document or not, but it would 
be an expansion of its current scope to include it.

Actually this class of threat is the one class that I think the IESG
needs to police above all.

I am not very worried about bad crypto being a threat to the Internet;
errors get fixed faster than people think. If we had deployed DNSSEC in
2001 and opt-in had turned out to be a mistake, as some people's
intestines were claimed to indicate, it would be fixed by now (at least
the Romans made an empirical examination of the entrails they were
relying on for prognostication).

I am worried about the risk of run amok protocols or protocols with
large cascaded amplification effects. DKIM provides for a certain degree
of amplification but only one stage is possible and at base there is not
actually a major difference in cost between 100 byte packets and 500
byte packets. Switching is going to be the main cost at that packet
size. 
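As an added illustration of the amplification numbers being argued about (my own example, not code from the thread), the following Python estimates the query-to-response size ratio for a DKIM selector TXT lookup at several RSA key sizes; the "v=DKIM1; k=rsa; p=..." record layout, IPv4/UDP without EDNS0, and the name selector._domainkey.example.com are assumptions.

```python
import base64
import os

# Added example, not from the thread. Estimates how many bytes a server
# reflects for one spoofed-source UDP query of a DKIM selector TXT record,
# so an operator can judge whether such records warrant response-rate limiting.
# Assumptions: IPv4 + UDP, no EDNS0 OPT record, one TXT answer RR.

IP_UDP_HEADERS = 20 + 8      # IPv4 header + UDP header, bytes
CLASSIC_UDP_LIMIT = 512      # without EDNS0 larger answers set TC and move to TCP

def dkim_txt_rdata(key_bits: int) -> bytes:
    """TXT RDATA for a DKIM key record holding an RSA key of key_bits.
    The DER SubjectPublicKeyInfo is roughly key_bits/8 + 38 bytes (exact for
    2048-bit); random bytes stand in for it because only the length matters."""
    spki = os.urandom(key_bits // 8 + 38)
    text = b"v=DKIM1; k=rsa; p=" + base64.b64encode(spki)
    # TXT RDATA is a sequence of <length byte><up to 255 bytes> strings
    chunks = [text[i:i + 255] for i in range(0, len(text), 255)]
    return b"".join(bytes([len(c)]) + c for c in chunks)

def dns_name_len(name: str) -> int:
    """Wire length of a domain name: one length byte per label plus the root byte."""
    labels = [l for l in name.strip(".").split(".") if l]
    return sum(1 + len(l) for l in labels) + 1

def query_size(name: str) -> int:
    """DNS message size of the query: header(12) + QNAME + QTYPE(2) + QCLASS(2)."""
    return 12 + dns_name_len(name) + 4

def response_size(name: str, rdata: bytes) -> int:
    """Query echoed back plus one answer RR whose owner name is a 2-byte
    compression pointer: NAME(2) TYPE(2) CLASS(2) TTL(4) RDLENGTH(2) RDATA."""
    return query_size(name) + 12 + len(rdata)

def amplification(name: str, key_bits: int) -> dict:
    """Bytes sent by the spoofed query versus bytes the server reflects."""
    resp = response_size(name, dkim_txt_rdata(key_bits))
    sent = query_size(name) + IP_UDP_HEADERS
    reflected = resp + IP_UDP_HEADERS
    return {
        "query_bytes": sent,
        "response_bytes": reflected,
        "factor": round(reflected / sent, 2),
        # An oversized answer is truncated and retried over TCP, which a
        # spoofed source cannot complete, so the full record is not reflected.
        "udp_reflectable": resp <= CLASSIC_UDP_LIMIT,
    }
```

Calling amplification("selector._domainkey.example.com", bits) for 1024, 2048 and 4096 shows the single-stage ratio staying in the single digits, with the 4096-bit record no longer fitting a classic 512-byte UDP answer.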

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
