ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Collection of use cases for SSP requirements

2006-11-11 13:16:21
from [John Levine] [Permanent Link]
On Nov 11, 2006, at 2:31 PM, <Bill(_dot_)Oxley(_at_)cox(_dot_)com> <Bill(_dot_)Oxley(_at_)cox(_dot_)com> wrote: 


The FDIC certifies a bank and authorizes them to use a logo, won't the
phishers immediately certify their mail with that logo?
No, the idea is that the FDIC certifies a set of signing domains, and the logo goes with the certifier, so your MUA would show the logo only on mail with a sig from a domain in the list.
Bad guys could certainly put the logo in their mail and try to fool people. I don't know enough about user interface design to know how much of a problem that will be. 

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Collection of use cases for SSP requirements, Dave Crocker
Next by Date:  Re: [ietf-dkim] Collection of use cases for SSP requirements, Michael Thomas
Previous by Thread:  Re: [ietf-dkim] Collection of use cases for SSP requirements, Steve Atkins
Next by Thread:  Re: [ietf-dkim] Collection of use cases for SSP requirements, Dave Crocker
Indexes:  [Date] [Thread] [Top] [All Lists]