ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] SSP Responsibility Delegation - Security Concerns

2006-08-19 16:29:21
from [Michael Thomas] [Permanent Link] 
Hector Santos wrote:




So let's send this from mailinglist.com through their authorized
submission server:

From: president(_at_)company(_dot_)com
Sender: mailinglist.com
DKIM-signature: d=isp.com;



First, the presumption here is that president(_at_)company(_dot_)com has 
subscribed to
some mailing list where he should now be very aware the door is wide open to
exploitations.
Does anybody else agree with this statement? I'm fairly certain that my president (or even the Resident for that matter) is decidedly unaware, and I can't imagine a universe in which mine or any other would be aware of such a threat. Since this threat does not exist with the NS delegation method, my president could remain 
in unaware bliss which seems like as it should be.

      Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Delegating responsibility: a make vs. buy design decision, Michael Thomas
Next by Date:  Re: [ietf-dkim] Delegating responsibility: a make vs. buy design decision, Scott Kitterman
Previous by Thread:  [ietf-dkim] Responsible SSP usage, Hector Santos
Next by Thread:  Re: [ietf-dkim] SSP Responsibility Delegation - Security Concerns, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]