ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Underscore considerations

2006-06-08 19:01:23


Paul Hoffman wrote:
At 5:57 PM -0700 6/8/06, Douglas Otis wrote:
But this is the issue being discussed.  These are serious security
concerns.  There is zero containment of local-part namespace between
any subdomains.  This too becomes a serious concern and is one of the
problems created.  Even if a higher level domain wanted to do DKIM
safely, the MUA signing feature would be a disaster as a result of
this dubious feature.

The WG already accepted the feature after active discussion. Trying to
use the Security Considerations section to make the feature seem
"dubious" feels like an attack on the WG consensus process.


another view is that it is merely an attempt at some humor, since it is
difficult to imagine taking the concern seriously.

d/

-- 

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html