ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Meaning of x= and DKIM signatures in general

2006-04-13 07:37:39
C) You duck out of the rain into a building which turns out to be a
courthouse. ...

You say that anyone could have added that signature, there being
no binding from the public key to the purported signer (i.e. no PKI,
which does exist for a reason) therefore DKIM stuff should be
weighed just exactly as much as an IP address in a logfile and no
more. If that doesn't work there are many other defensive avenues
to try, but "x=" is irrelevant here.

My question is how does the age of the log entry or signature affect its
credibility and usefulness.  In the presence of x= or a fixed time limit,
how much more credible is the entry two seconds before the time limit ends
relative to two seconds after?

If the answer is "not very", that tells me that both x= and fixed time
limits are a mistake.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet 
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I shook hands with Senators Dole and Inouye," said Tom, disarmingly.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html