At 5:57 PM -0700 6/8/06, Douglas Otis wrote:
But this is the issue being discussed. These are serious security
concerns. There is zero containment of local-part namespace between
any subdomains. This too becomes a serious concern and is one of
the problems created. Even if a higher level domain wanted to do
DKIM safely, the MUA signing feature would be a disaster as a result
of this dubious feature.
The WG already accepted the feature after active discussion. Trying
to use the Security Considerations section to make the feature seem
"dubious" feels like an attack on the WG consensus process.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html