Re: [ietf-dkim] What are the security problems of DKIM-BASE worh address

ietf-dkim

Re: [ietf-dkim] What are the security problems of DKIM-BASE worh addressing with policy Concepts?

2006-08-07 06:28:29

Hector Santos:
[ Charset UTF-8 unsupported, converting... ]


----- Original Message -----
From: "Mark Delany" <MarkD+dkim(_at_)yahoo-inc(_dot_)com>

It obvious that there are two relatively strong viewpoints: one the
passive that Dave describes and one the active that, amongst others, I
describe.

...

Do we try and accommodate both? If so, how?


In my opinion,  and I had asked the chair a  week or so to consider this
approach:

I also proposed a straw vote on the fundamental question:

       Do you believe there are security problems
      directly or indirectly related to DKIM-BASE  that are worth
      solving or addressing using a Sender Signer Policy concept?


None. If a message is signed by example.com, then that signature
introduces no security vulnerability, even if the message originates
from some other, unrelated, domain.

        Wietse
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] How to reconcile passive vs active?, (continued) Re: [ietf-dkim] How to reconcile passive vs active?, Dave Crocker Re: [ietf-dkim] How to reconcile passive vs active?, Steve Atkins [ietf-dkim] SSP False positives/negatives, Dave Crocker Re: [ietf-dkim] How to reconcile passive vs active?, Michael Thomas Re: [ietf-dkim] How to reconcile passive vs active?, Damon RE: [ietf-dkim] How to reconcile passive vs active?, Bill.Oxley Re: [ietf-dkim] How to reconcile passive vs active?, Hector Santos Message not available [ietf-dkim] SSP is about obtaining 0% False Positives, Hector Santos Re: [ietf-dkim] How to reconcile passive vs active?, Scott Kitterman [ietf-dkim] What are the security problems of DKIM-BASE worh addressing with policy Concepts?, Hector Santos Re: [ietf-dkim] What are the security problems of DKIM-BASE worh addressing with policy Concepts?, Wietse Venema <= Re: [ietf-dkim] What are the security problems of DKIM-BASE worh addressing with policy Concepts?, Scott Kitterman RE: [ietf-dkim] How to reconcile passive vs active?, Hallam-Baker, Phillip Re: [ietf-dkim] How to reconcile passive vs active?, Damon RE: [ietf-dkim] How to reconcile passive vs active?, Bill.Oxley Re: [ietf-dkim] How to reconcile passive vs active?, Damon Re: [ietf-dkim] How to reconcile passive vs active?, Arvel Hathcock Re: [ietf-dkim] How to reconcile passive vs active?, Damon [ietf-dkim] remote access, Dave Crocker Re: [ietf-dkim] remote access, Scott Kitterman Re: [ietf-dkim] remote access, Hector Santos

Previous by Date:	Re: [ietf-dkim] How to reconcile passive vs active?, Hector Santos
Next by Date:	Re: [ietf-dkim] SSP requirements, Damon
Previous by Thread:	[ietf-dkim] What are the security problems of DKIM-BASE worh addressing with policy Concepts?, Hector Santos
Next by Thread:	Re: [ietf-dkim] What are the security problems of DKIM-BASE worh addressing with policy Concepts?, Scott Kitterman
Indexes:	[Date] [Thread] [Top] [All Lists]