Paul Hoffman wrote:
At 4:35 PM -0700 6/8/06, Jim Fenton wrote:
Let's try to construct the problem case: Suppose someone managed to
register _domainkey.com. They could then publish keys in that domain,
and sign arbitrary messages on behalf of .com. That's obviously a Bad
Thing.
Er, why? It is only bad if someone signs messages with "d=com", which is
unlikely.
By virtue of its delegation model, DNS creates a hierarchy of trust
relationships across administrative boundaries. When crossing a trust boundary,
as one traverses a branch of the DNS, there are various opportunities for abuse
by the parent.
The only thing that might be considered "interesting" about this, with respect
to DKIM, is that DKIM is specifically (and exclusively) a security mechanism.
That heightens both sensitivity to abuse issues and perhaps makes it a bit more
attractive as a target.
It might not be silly of us to have a paragraph that says something along these
lines, in the Security Considerations section. However I see nothing that makes
it any sort of requirement.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html