-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bad actors will find signatures surviving as a result of the 'l=n'
parameter, can then add their malware which might be a very innocent
looking URI pointing to some provider's AUP. This message can then be
sent in bulk anywhere. The innocent URI may still cause an exploit to
occur, and recipients might have thought they were trusting you.
So who
is hurt?
Of course, the DKIM community will then need to explain to these
end users
about this wonderful feature that allowed them to be completely
confused.
My answer is that the ISP who fails to scan a message, is an idiot
and deserves to go out of business.
Come on, Doug. You're saying that DKIM is this magic thing that
obviates the need for virus scanning. Pull the other one.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.5.2
Charset: US-ASCII
wj8DBQFFuU52sTedWZOD3gYRAouWAKCklugR5n4UekIhBAUyjTFiUt1cGwCffbkF
pMHr8wwMGKo9O8yKKkucQ1c=
=Qc+O
-----END PGP SIGNATURE-----
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html