ietf-dkim

Re: [ietf-dkim] dkim-base-01: 6.2 - DNS error

2006-04-21 20:30:37

----- Original Message -----
From: "Jim Fenton" <fenton(_at_)cisco(_dot_)com>
To: "Hector Santos" <hsantos(_at_)santronics(_dot_)com>
Cc: <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Friday, April 21, 2006 8:56 PM
Subject: Re: [ietf-dkim] dkim-base-01: 6.2 - DNS error


This points out another problem:  if a verifier defers verification or
acceptance of a given message, it SHOULD maintain enough state so that
the message may be accepted after some number of retries, so that
messages with key retrieval problems are not rejected entirely.


Jim,

Wouldn't that create a loophole?

If you mean, how would the verifier know how many deferrals are
acceptable, you're right that's a problem.  If the key can't
(permanently) be retrieved, it's a signature verification failure, and
not in general a reason to reject the message outright, so I don't
consider it to be a loophole in that sense.


I was referring to the bad guy finding out:

        "Hey Fellas! All we need to do is create error conditions,
         beat down the verifier enough so that eventually it
         gives up and accepts our payload.  The beauty?  No
         need to have a correct DKIM signature! Just fake it."

A DKIM Greylisting-like concept is a terrible idea Jim. :-)

IMV, DKIM is a new era of expectations. A domain with a DKIM signature not
only is claiming responsibility for the message, it is also claiming it is
compliant with DKIM.

PS: It is a reason to reject the "transaction."

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
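
One way to bound the deferral state discussed in this thread, as an added example that is not part of the original messages or of the DKIM draft. It shows a verifier whose retry budget, once spent, ends in a verification failure and never in a pass; what is then done with a failed message (accept it as unauthenticated, or reject the transaction) is left to local policy. The class names, verdict labels, retry limit and sample domain, selector and message id are assumptions.

```python
from dataclasses import dataclass, field
from enum import Enum


class KeyLookup(Enum):          # outcome of the DNS query for the key record
    FOUND = "found"
    TEMPFAIL = "tempfail"       # transient error, e.g. SERVFAIL or timeout
    NOKEY = "nokey"             # key permanently unavailable


class Verdict(Enum):
    PASS = "pass"               # signature verified with a retrieved key
    FAIL = "fail"               # verification failure, message unauthenticated
    DEFER = "defer"             # temporary rejection, sender retries later


@dataclass
class DeferralTracker:
    max_deferrals: int = 3                          # assumed limit
    seen: dict = field(default_factory=dict)        # message key -> deferrals so far

    def decide(self, domain, selector, msg_id, lookup, sig_ok=False):
        key = (domain.lower(), selector, msg_id)
        if lookup is not KeyLookup.TEMPFAIL:
            self.seen.pop(key, None)                # final answer, drop state
            if lookup is KeyLookup.FOUND and sig_ok:
                return Verdict.PASS
            return Verdict.FAIL
        count = self.seen.get(key, 0) + 1
        if count > self.max_deferrals:
            # Retry budget spent: record a failure. Induced DNS errors
            # can delay a verdict but can never turn into PASS.
            self.seen.pop(key, None)
            return Verdict.FAIL
        self.seen[key] = count
        return Verdict.DEFER


def replay(tracker, lookups, sig_ok=False):
    """Feed constructed lookup outcomes for one message; return the verdicts."""
    return [tracker.decide("example.com", "sel1", "<m1@example.com>", lk, sig_ok).value
            for lk in lookups]


if __name__ == "__main__":
    t = DeferralTracker(max_deferrals=2)
    print(replay(t, [KeyLookup.TEMPFAIL] * 3))                     # forged, DNS errors induced
    print(replay(t, [KeyLookup.TEMPFAIL, KeyLookup.FOUND], True))  # honest sender, DNS recovers
```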