ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-dkim] A question about DKIM and Phishing

2006-08-11 06:19:04
from [Stefan Görling] [Permanent Link] 
Hi,
I'm doing some research for a paper on SPF, DKIM and other sender authentication measurements.
I'm a bit puzzled about a fact on: http://en.wikipedia.org/wiki/DomainKeys, and would appriceate if someone could comment this:
"With DomainKeys, the absence of a verifiable digital signature header in an E-mail purporting to be from a domain which has a DomainKeys DNS record may indicate that that E-mail is a forgery. Thus, E-mails may be divided into three classes: 

   * valid DomainKey signature: authentic
   * invalid or missing DomainKey signature for a domain with the DNS
     record: usually forged
   * no DNS record or header: unknown status"
As I have understood it, you can not really find the DomainKey-DNS-record unless you know the selector, which you do not really unless you have a domainKey signature. Is this correct or have I misinterpreted the drafts? 

Best Regards,

Stefan Görling




_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Issue: Requirements #9 NOT REQUIRED for 1st partyvalid signatures., Wietse Venema
Next by Date:  RE: [ietf-dkim] Issue: Requirements #9 NOT REQUIRED for 1stpartyvalid signatures., Bill.Oxley
Previous by Thread:  RE: [ietf-dkim] Lean vs. Fat 'requirements', Hallam-Baker, Phillip
Next by Thread:  Re: [ietf-dkim] A question about DKIM and Phishing, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]