On Thu, 01 Mar 2007 13:44:21 -0000, Wietse Venema <wietse(_at_)porcupine(_dot_)org>
wrote:
On a friendly internet with only cooperating parties, this might
make sense. But the world has changed. With today's internet it
would be a fundamental mistake to make more distinctions than:
the signature was verified
other
If the verifier gives different treatments to different types of
"other", then the bad guys will exploit the verifier's behavior.
And how do you stop verifiers doing that?
Verifiers will do as they think fit (i.e. what their clients will pay
for), whatever our standards say. If some likely (though deprecated)
verifier behaviour leads to exploits by the Bad Guys, and there is an easy
way to counter the exploit (e.g. by clearer information in the SSP), then
it would be wise to dopt it.
"Defence in depth" is the term, I believe.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html