Jim Fenton wrote:
Mark Delany wrote:
On Thu, Mar 09, 2006 at 03:09:36PM +0000, Stephen Farrell allegedly wrote:
I think what happened here is that in writing this section I fell "out
of character" for a threats document. It's definitely not intended to
be normative; nothing here is because threat analyses are
informational. What I meant to say was something more like:

A related threat is the exploitation of weaknesses in the delegation
process itself. This threat can be mitigated through the use of
standard precautions against the theft of private keys and the
falsification of public keys in transit. For example, the exposure to
theft can be minimized if the delegate generates the keypair to be used,
and sends the public key to the domain owner. The exposure to
falsification (substitution of a different public key) can be reduced if
this transmission is signed by the delegate and verified by the domain
owner.

Sound better, and less normative-leaning?
Works perfectly for me.
S.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html