ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] SSP Responsibility Delegation - Security Concerns

2006-08-16 18:18:38

----- Original Message ----- 
From: "Scott Kitterman" <ietf-dkim(_at_)kitterman(_dot_)com>


On Wed, 16 Aug 2006 16:36:29 -0700 Jim Fenton <fenton(_at_)cisco(_dot_)com> 
wrote:

The one I described:  the inability for a verifier to distinguish 
an author signature generated by the delegate from a third-party 
signature generated by the delegate operating in a different context.

I think this is a good point for an informative note in the spec.  
This is both an operational point for providers and a item 
for domain owners to check on before they delegate SSP signing 
authority.  If one is aware of it up front, I think it's an 
easy problem to avoid.

+1, Thank you.

-- 
Hector Santos, Santronics Software, Inc.
http://www.santronics.com








_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html