(this is the last of the re-postings. /d)
-------- Original Message --------
Subject: Re: [ietf-dkim] Review of draft-ietf-dkim-base-00 (1)
Date: Mon, 20 Mar 2006 07:37:02 -0800
From: Eric Rescorla <ekr(_at_)rtfm(_dot_)com>
Reply-To: EKR <ekr(_at_)rtfm(_dot_)com>
To: dcrocker(_at_)bbiw(_dot_)net
CC: DKIM IETF WG <ietf-dkim(_at_)mipassoc(_dot_)org>
References: <20060319174949(_dot_)52D5AB87A(_at_)delta(_dot_)rtfm(_dot_)com>
<441E240F(_dot_)8020601(_at_)dcrocker(_dot_)net> <86u09tqlny(_dot_)fsf(_at_)delta(_dot_)rtfm(_dot_)com>
<441EBDBE(_dot_)9070502(_at_)dcrocker(_dot_)net> <868xr5p2y5(_dot_)fsf(_at_)delta(_dot_)rtfm(_dot_)com>
<441EC763(_dot_)5030000(_at_)dcrocker(_dot_)net>
Dave Crocker <dhc(_at_)dcrocker(_dot_)net> writes:
Well, it certainly is so much easier to write security protocols
if you don't require them to be actually, you know, secure.
Oh. So you see a technical flaw in DKIM?
Please cite it. Please indicate what solutions will resolve it.
Failing that, please explain what you mean.
I thought I was clear in the original message. There are well-known
attacks on DKIM when it is used in the absence of DNSSEC. There's
no secret here--it's explained clearly in both documents. Whether it's
a "flaw" or not is a matter of opinion, of course.
Not too happy about having the word disingenuous applied to the
analysis you posted?
No, just bored.
Have you ever noticed how someone making that statement, at the end of
an energetic exchange that they have not won, mostly never means it?
I wonder if that qualifies as disingenuous?
Whatever.
-Ekr
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html