ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-dkim] Re: Responsibility concerns with Designated Signing Domains

2006-08-26 06:01:34
from [Frank Ellermann] [Permanent Link] 
Stephen Farrell wrote:


But yet again, each form of delegation has its issues.


Right, but those forms where the delegator can delegate
without prior and explicit consent of the delegatee are
beyond my no-nonsense limit.  Ideally "explicit" should
allow receivers to verify this.

If an ISP uses a "we sign everything" strategy, and many
customers belong to botnets, then a "bad actor" could
register eboy (with an "O"), delegate eboy-signing to this
ISP unilaterally, and phish using his zombies with accounts
at this ISP.  SSP shouldn't allow this by design.

Frank


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Policy Discovery, Hector Santos
Next by Date:  [ietf-dkim] Re: T-Shirt Entries, Frank Ellermann
Previous by Thread:  Re: [ietf-dkim] Responsibility concerns with Designated Signing Domains, Stephen Farrell
Next by Thread:  Re: [ietf-dkim] Re: Responsibility concerns with DesignatedSigning Domains, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]