Just want to clarify
You want to ensure that wildcards and i,g tags can delimit subdomains,
is that correct?
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Douglas Otis
Sent: Thursday, June 08, 2006 8:07 PM
To: Paul Hoffman
Cc: IETF-DKIM
Subject: Re: [ietf-dkim] Underscore considerations
On Jun 8, 2006, at 5:00 PM, Paul Hoffman wrote:
At 4:35 PM -0700 6/8/06, Jim Fenton wrote:
Let's try to construct the problem case: Suppose someone managed to
register _domainkey.com. They could then publish keys in that
domain,
and sign arbitrary messages on behalf of .com. That's obviously a
Bad
Thing.
Er, why? It is only bad if someone signs messages with "d=com",
which is unlikely.
Assume that a recipient expects to see the email-address validation
annotation. A bad actor that has obtained or compromised a key at
this location could then sign messages and recipients could see all
the email-address using *.com annotated as having be validated. This
validation, as currently defined in DKIM, is to be accepted.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html