Charles Lindsey wrote:
The folks supporting to list used algorithms in the SSP apparently
think that receivers could care about this nuance. And the folks
opposing that idea note that spammers would try to abuse this info.
Eh? This info is provided to counter a possible exploit. Nobody has
yet suggested that this extra info will open the way to yet further
exploits.
I'm too lazy to dig through the last 250 or so messages to find the
source (probably posted by John or Dave), but IIRC the idea was this:
A signer publishes to support a new algorithm "rot13". If spammers
happen to know that certain receivers don't support "rot13", they
can forge (invalid) "rot13" signatures in phishes to these receivers.
For "rot13" insert something serious, e.g. something not affected by
<https://datatracker.ietf.org/public/ipr_detail_show.cgi?&ipr_id=795>
Frank
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html